WSL 2.0 UDP broadcast not received

[huiminghao]

Windows Version

1000.22674.1000.0

WSL Version

2.0.0.0

Are you using WSL 1 or WSL 2?

• WSL 2
• WSL 1

Kernel Version

5.15.123.1-microsoft-standard-WSL2

Distro Version

Debian11.7

Other Software

[experimental]
autoMemoryReclaim=gradual
networkingMode=mirrored
dnsTunneling=true
autoProxy=true

Repro Steps

My linux app can not receive UDP broadcast packets from eth0. Unicast packets are ok.
App with Golang.
Use GOOS=windows and run from cmd works well.

Expected Behavior

Linux should recv broadcast UDP packets.

Actual Behavior

No broadcast UDP packets received.

Diagnostic Logs

wireshark can not see the UDP broadcast packets from wsl's eth0 neither.

[OneBlue]

@keith-horton: Can you look into this issue ?

[keith-horton]

"wireshark can not see the UDP broadcast packets neither"

If Wireshark cannot see the UDP broadcast packets, then they are not getting past NDIS - so they wouldn't be available to forward to the container.

I would look at the switch or router to see if it's allowing broadcasts to be sent.

[huiminghao]

"wireshark can not see the UDP broadcast packets neither"

If Wireshark cannot see the UDP broadcast packets, then they are not getting past NDIS - so they wouldn't be available to forward to the container.

I would look at the switch or router to see if it's allowing broadcasts to be sent.

I run Wireshark from wsl/Debian, broadcast packets were not listed.

[zcobol]

@huiminghao you'll have to add a firewall rule for packets to reach the WSL container. After oppening port 9999 with new-netfirewallhyperVRule -Name wsl-udp-test -LocalPorts 9999 -Action Allow -DisplayName wsl-udp-test -Direction Inbound UDP broadcast packets can be receive by eth0. Sample net trace:

tcpdump: listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
19:56:37.860391 IP (tos 0x0, ttl 64, id 31483, offset 0, flags [DF], proto UDP (17), length 34)
    192.168.1.130.49244 > 192.168.1.255.9999: [udp sum ok] UDP, length 6
19:56:51.311167 IP (tos 0x0, ttl 64, id 33286, offset 0, flags [DF], proto UDP (17), length 34)
    192.168.1.130.52793 > 192.168.1.255.9999: [udp sum ok] UDP, length 6

I have firewall=true set in .wslconfig but w/out adding the above rule it didn't work.

[huiminghao]

@huiminghao you'll have to add a firewall rule for packets to reach the WSL container. After oppening port 9999 with new-netfirewallhyperVRule -Name wsl-udp-test -LocalPorts 9999 -Action Allow -DisplayName wsl-udp-test -Direction Inbound UDP broadcast packets can be receive by eth0. Sample net trace:

tcpdump: listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
19:56:37.860391 IP (tos 0x0, ttl 64, id 31483, offset 0, flags [DF], proto UDP (17), length 34)
    192.168.1.130.49244 > 192.168.1.255.9999: [udp sum ok] UDP, length 6
19:56:51.311167 IP (tos 0x0, ttl 64, id 33286, offset 0, flags [DF], proto UDP (17), length 34)
    192.168.1.130.52793 > 192.168.1.255.9999: [udp sum ok] UDP, length 6

I have firewall=true set in .wslconfig but w/out adding the above rule it didn't work.

Thanks. I tried and it works well now. Multicast UDP packets ara received without rule set, different from broadcast UDPs.
I alse tried:

powershell: set firewallRule
.wslconfig: firewall=false
cmd.exe:  wsl --shutdown
wsl: receive boradcast udp packets, ok
.wslconfig: firewall=true
cmd.exe:  wsl --shutdown
wsl: receive boradcast udp packets, ok

Seems netfirewallhyperVRule discards firewall=true.

[keith-horton]

Yes, this is correct. Adding a HyperV Firewall rule is required.
Thanks!