Share via

WSL With Bridging - Windows 11

Jeremey Wise 11 Reputation points
2022-03-27T14:57:58.173+00:00

This is linked in logic to this thread https://learn.microsoft.com/en-us/answers/questions/756612/windows-11-hyperv-bridge-binding-to-nic-hidden-for.html

But I think what I need is a simple logic path for Windows to complete for networking.

Storyboard:
As a laptop user, I can use WSL bridged to my corp network, reguardless of which NIC must be used at a given time.

Ex: 90% of time I am connected direct via 1Gb NIC. But sometimes I have to present, and so move to wifi (this is change of Gb NIC to WiFi NIC), and sometimes I have to present to a customer (external network that then requires VPN Tunnel as NIC).

WSL is hiding things and this is the core issue I think. It creates a hyperV hosted VM, but instead of just noting this, it hides it and so making change and controlling it makes things very difficult.

Here is what I would expect is the current state of how Windows is working:
187190-image.png

Questions:

  1. Is the above diagram correct. If so, why is Microsoft hiding the HyperV hosted instance it is using to host WSL2?
  2. To enable egress for Ubuntu hosted instance, I think it cannot nativly connect to HyperV switch... but needs bridge.. not sure why
  3. Why am I not able to bind HyperV to OpenVPN VPN TAP connection but other TAP connections show as available to HyperV as "external" target NICs
  4. Website https://learn.microsoft.com/en-us/windows/wsl/wsl-config gives limited options to effect WSL2, but to me, an important one is "what interface it bridges to. Where is the target bridge host interface defined? If I could just issue a command to flip that "NIC" to Gb vs Wifi vs TAP interface, that would solve much of this.
Windows for business | Windows Client for IT Pros | Storage high availability | Virtualization and Hyper-V
Windows for business | Windows Client for IT Pros | User experience | Other
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Limitless Technology 39,926 Reputation points
    2022-03-30T20:46:06.037+00:00

    Hi @Jeremey Wise

    Questions:

    1) Is the above diagram correct. If so, why is Microsoft hiding the HyperV hosted instance it is using to host WSL2?

    Answer) Yes, above diagram is correct, Microsoft do this to keep your Network safe and since HyperV hosted Instance have vNIC hosting it make it more secure and less vulnerable from getting hacked while keeping it globally hosted. Doing such activity is mostly done with the motive of making the system more secure to use.

    2) To enable egress for Ubuntu hosted instance, I think it cannot natively connect to HyperV switch... but needs bridge.. not sure why.

    Answer) Whenever you connect natively connect to HyperV Switch it will have limited distribution not global, Bridge in between allow it to be securely globally distributed and used. Bridge also helps in maintaining connection using HyperV and NIC in your system without any latency and incompatibility.

    3) Why am I not able to bind HyperV to OpenVPN VPN TAP connection but other TAP connections show as available to HyperV as "external" target NICs

    Answer) Because you can't directly bind internally as HyperV is virtual that's why TAP connections shows it available as external target NICs because your hardware NIC and configured internal HyperV are different they can't be bind internally because it's not virtualNIC you're using to bind to OpenVPN VPN TAP connection instead it's physical NIC.

    4) Website https://learn.microsoft.com/en-us/windows/wsl/wsl-config gives limited options to effect WSL2, but to me, an important one is "what interface it bridges to. Where is the target bridge host interface defined? If I could just issue a command to flip that "NIC" to Gb vs Wifi vs TAP interface, that would solve much of this.

    Answer) If you flip that "NIC" to Gb vs Wifi vs TAP interface it will create a compatibility issue.

    I hope I was able to answer your question in most easy way.

    --If the reply is helpful, please Upvote and Accept as answer--

    0 comments
  2. Jeremey Wise 11 Reputation points
    2022-04-01T15:37:53.083+00:00

    Thanks for response.

    A couple followup questions:

    1) I have not vetted out what the exact process is .. but its rather convoluted where every time I now reboot Windows 11, I have to do the (aproximate set of steps to get things back working)
    a) HyperV switch has disapeared. I call mine "WSL" and it does not show anymore under HyperV manager
    b) WSL instance fails to launch saying 'device missing"
    c) Remove checkbox / binding of HyperV from all physical NICs
    d) Remove all checkbox / bindings of bridging from all phyical NICs
    e) Stop WSL services (LxxManager)
    f) Create new HyperV virtual switch called "WSL", but you have to set to Internal only or it errors with issue with duplication with lots of notes about interfaces etc... (noted in previous posts)
    g) Disable physical NIC
    h) Enable checkbox binding for HyperV for the NIC
    i) Modify HyperV Switch "WSL" to bind not just internal but to the physical NIC
    j) Start WSL services (lxssManager)
    k) Launch connection to default WSL instance (note that connection works and no error about missing device)... many times this fails and step and some weird set of actions above have to be re-done till I get WSL login..)
    l) Go to list of NICS and select "HyperV WSL" virtual internface and "Physical NIC" and bridge
    m) restart WSL
    n) Start ping -t from Windows and from WSL.. and re-enable / disable / flip from Physical NIC binding to private and back... till some how.. it comes up and starts allowing PING from WSL AND base OS outbound.
    o) Go have lunch... ... come back and start day :)

    2) Above is rather unholy. And I have not yet figured out a repeatable pattern to get things working, as their does not seem to be a set of commands / tools to do a true mapping of "Current state of configuraiton" where I can plug in real details of connections into my crude diagram : vNIC (eth0) -> Bridge (bridge of HyperV to Gb/Wifi NIC) -> HyperVswitch "WSL" -> Physical NIC. Is their someone who can review my unholy set of steps.. and maybe add in "run this command here to list / validate what mapping is" so I am not poking in the dark blindly to get it to work?

    3) Why does the vSwitch keep disapearing ever reboot?

    4) Why does the WSL instances, not just show up as Virtual machines in HyperV if that is the underlying engine? Why are they hiding them?

    5) The lack of bridging to VPN TAP is problematic (as I get more on the road, the VPN logical interface will be needed more)... I need to better understand the VPN type /limitations for HyperV to use as bridge iterface.. some VPN TAPs "show up as valid targets" while others do not. (see image below)

    189273-wsl-vpn-tap.jpg

    I really do appreciate response. I am not by any means the only one who wants to lean into WSL , but needs to get it to work with known and stable path and configuration, I have gotten a lot of pings on this thread.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.