I have several services running on my windows host machine. Some of then are acessible via wsl running in ports 8090, 8091. Others in other ports just hangs forever.
The error message connection refused means that there is no service listening on this port. Make sure that your services uses this port. On Linux you can check with netstat -apn (executed as root user) which services listens on which port. On Windows tool like https://learn.microsoft.com/en-us/sysinternals/downloads/tcpview show all ports and the services listing on these ports.
It’s important to understand that WSL2 is running in a virtualized network that is NAT’d behind a Hyper-V router running on the Windows host. This means that, from the perspective of WSL2, your Windows host is actually on a separate network.
For that reason, there are typically three causes for not being able to connect to services running in Windows from WSL2:
First, and this most likely isn’t the case since you mention that you can get to some services, you need to use the address of the Hyper-V router itself to communicate with services on Windows. That address can be seen in the default route from:
ip route
And far too many guides provide a far-too-complicated suggestion of using something like:
echo $(ip route list default | awk '{print $3}')
… to obtain the address needed for Windows services.
However, assuming you aren’t using a Windows 10 version that has passed its end-of-support date, you should be able to use mDNS as noted in my answer here. To summarize:
echo $(hostname).local
Again, though, I’m assuming you are already doing this since you mention you can access some services. That wouldn’t be possible if you were using localhost in WSL2 to try to communicate with Windows services.
The second reason is that, since the Windows and WSL2 networks are separate, your service cannot be listening on 127.0.0.1/localhost only. That will allows connections from the Windows localhost, but WSL2 connections will fail, since they are coming from another address. Make sure to bind to 0.0.0.0. The instructions for doing so will depend on the service you are configuring.
Finally, you could be running into a firewall issue. If I recall correctly, the Hyper-V network is set to Public by default, and I haven’t been able to find a way to change it in recent Windows versions. Previously, you could use Set-NetConnectionProfile, but that hasn’t worked in the last few Windows releases.
As a result, the Firewall will typically reject untrusted connections unless you configure allow rules for the services. Often, Windows will offer a UI for creating the permanent rule the first time a particular port is accessed externally, but (in my experience) it’s easy to miss this dialog since it often gets relocated under another window. After this, you do have to create the rule manually, either through the Windows Defender UI or from PowerShell with New-NetFirewallRule.
2
Answers
The error message
connection refused
means that there is no service listening on this port. Make sure that your services uses this port. On Linux you can check withnetstat -apn
(executed as root user) which services listens on which port. On Windows tool like https://learn.microsoft.com/en-us/sysinternals/downloads/tcpview show all ports and the services listing on these ports.It’s important to understand that WSL2 is running in a virtualized network that is NAT’d behind a Hyper-V router running on the Windows host. This means that, from the perspective of WSL2, your Windows host is actually on a separate network.
For that reason, there are typically three causes for not being able to connect to services running in Windows from WSL2:
First, and this most likely isn’t the case since you mention that you can get to some services, you need to use the address of the Hyper-V router itself to communicate with services on Windows. That address can be seen in the default route from:
And far too many guides provide a far-too-complicated suggestion of using something like:
… to obtain the address needed for Windows services.
However, assuming you aren’t using a Windows 10 version that has passed its end-of-support date, you should be able to use mDNS as noted in my answer here. To summarize:
Again, though, I’m assuming you are already doing this since you mention you can access some services. That wouldn’t be possible if you were using
localhost
in WSL2 to try to communicate with Windows services.The second reason is that, since the Windows and WSL2 networks are separate, your service cannot be listening on
127.0.0.1
/localhost
only. That will allows connections from the Windows localhost, but WSL2 connections will fail, since they are coming from another address. Make sure to bind to0.0.0.0
. The instructions for doing so will depend on the service you are configuring.Finally, you could be running into a firewall issue. If I recall correctly, the Hyper-V network is set to Public by default, and I haven’t been able to find a way to change it in recent Windows versions. Previously, you could use
Set-NetConnectionProfile
, but that hasn’t worked in the last few Windows releases.As a result, the Firewall will typically reject untrusted connections unless you configure allow rules for the services. Often, Windows will offer a UI for creating the permanent rule the first time a particular port is accessed externally, but (in my experience) it’s easy to miss this dialog since it often gets relocated under another window. After this, you do have to create the rule manually, either through the Windows Defender UI or from PowerShell with
New-NetFirewallRule
.