Resolve WSL DNS automatically

boot.sh

#!/bin/bash

# Remove existing "nameserver" lines from /etc/resolv.conf
sed -i '/nameserver/d' /etc/resolv.conf

# Run the PowerShell command to generate "nameserver" lines and append to /etc/resolv.conf
# we use full path here to support boot command with root user
/mnt/c/Windows/System32/WindowsPowerShell/v1.0/powershell.exe -Command '(Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses | ForEach-Object { "nameserver $_" }' | tr -d '\r'| tee -a /etc/resolv.conf > /dev/null

resolve_wsl_dns.md

How to resolve DNS issue in WSL once and forever

There are tons of gists available for this problem:

• Fix DNS resolution in WSL2

However even solution is there - I was not satisfied that this problem always persists and I had to do same steps again from time to time. Also using a static DNS like 8.8.8.8 was not the option for me because we use pool of enterprise DNS servers and those are controlled by our IT on our Windows machines. So I wanted to find the way to get those DNS servers dynamically from Windows.

This guide describes the permanent solution using brand-new WSL boot command.

This gist removes nameservers every time your WSL starts and adds newly from powershell results. If it doesn't work for you - please feel free to adjust the script according to your needs.

Prepare boot config

• login to your wsl and run sudo bash. It's important that you do this with a root user because it's a user which executes this command during boot
• change to ~ folder ( or use any folder you like )
• create a new file for example boot.sh and update it with a content from boot.sh gist
• make it executable with chmod +x boot.sh
• create a symbolic link in one of PATH folders ( keep in mind, that for root user number of path folders is very limited by default )

/usr/local/sbin
/usr/local/bin
/usr/sbin
/usr/bin
/sbin
/bin

• i have used ln -s ~/boot.sh /usr/local/bin/boot.sh
• having such a limited list of folders makes root not aware of powershell.exe and rest of window utilities. I have preferred to use an absolute path like /mnt/c/Windows/System32/WindowsPowerShell/v1.0/powershell.exe in my script - but you may think of creating a symlink for powershell too.
• now let's add boot command to /etc/wsl.conf file. In my case it looks like this:

[network]
generateResolvConf=false
[boot]
systemd=true
command=boot.sh

• now just exit from bash, from wsl as well. Terminate your wsl with a command like wsl -t Ubuntu and start again
• if everything went well cat /etc/resolv.conf should have nameservers from your Windows

I also found the following:

• That for this to properly work you need to have an existing /etc/resolve.conf file.
• For local DNS you might need to add search local.domain.name to the stop of the file, (replace local.domain.name with your specific domain name.)

Will the recent added dns tunneling feature resolve the issue of needing to switch between public DNS and corporate DNS? I thought that's what it is for, but the documentation is sparse AF.

@bayeslearner good point. It could be. Gonna try that. It's seems like exactly what this script is doing - adding DNS servers from the host OS. However from what I see in their post - it might be not yet available in the enterprise version yet:

Please note this feature is currently only available to Windows Insiders canary and Release Preview Channel with the latest Windows 11, version 22H2 update here. You can get access now by joining the Windows Insider Program and choosing to opt in your device into the Release Preview Channel.

Thank you for this. I wasted a day trying to figure out how to get my domains working.

Thanks! This works great.

@ThePlenkov
Finally, I arrived here like so man others and find your solution very helpful - thank you for that! ❤️

Do you have an idea if it is possible to update resolv.conf even more programmatically, i.e. not only when booting the WSL distribution but also when enabling a WireGuard tunnel or engaging anther one?

I observed the following (hence my question):
The update happens only (and expectedly) when the WSL distribution is booted, not when I login via e.g. Microsoft terminal. However, when I fiddle with my Windows WireGuard tunnel (switching it on after the WSL distribution has been started), then no update happens. Would it make sense to put your code also in e.g. .profile, so it is called with every login? I can try this myself, of course, but would like to hear your thoughts in case there are some unwanted side effects etc. Furthermore, it would be nice if a nameserver from a WireGuard tunnel would be programmatically removed from the WSL distribution's /etc/resolv.conf if the tunnel is closed/WG switched off. I lack the knowledge to try this right away, so hearing back from you if this is feasible and if it makes sense at all, would be great. Thanks for your time and for sharing your thoughts! 👍

PS:
Sometimes, opening a WSL distribution from the Microsoft terminal drop-down menu takes longer, and in these cases, the distribution seems to be booted anew; therefore, resolv.conf is updated as wanted. However, sometimes, closing the WSL distribution tab and picking it again from the drop-down list opens it quickly, i.e. no booting; then, no update happens.

@7wells thanks for the feedback. Well indeed what you describe - I face myself too when changing the network locations. Please let me know if your experiment works