Docker Desktop Wsl2 linux container can no longer access local network since v4.36.0

[viceice]

Description

Docker container started with wsl2 backend can no longer access local network.

Reproduce

1. docker run --rm -it alpine sh
2. ping 192.168.158.1 (local gateway (dsl router) fails

Expected behavior

Local network should be accessable from containers.

docker version

Already downgraded!
---

Client:
 Version:           27.3.1
 API version:       1.47
 Go version:        go1.22.7
 Git commit:        ce12230
 Built:             Fri Sep 20 11:42:27 2024
 OS/Arch:           windows/amd64
 Context:           desktop-linux

Server: Docker Desktop 4.35.1 (173168)
 Engine:
  Version:          27.3.1
  API version:      1.47 (minimum version 1.24)
  Go version:       go1.22.7
  Git commit:       41ca978
  Built:            Fri Sep 20 11:41:11 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.7.21
  GitCommit:        472731909fa34bd7bc9c087e4c27943f9835f111
 runc:
  Version:          1.1.13
  GitCommit:        v1.1.13-0-g58aa920
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

docker info

Already downgraded!
---

Client:
 Version:    27.3.1
 Context:    desktop-linux
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.17.1-desktop.1
    Path:     C:\Program Files\Docker\cli-plugins\docker-buildx.exe
  compose: Docker Compose (Docker Inc.)
    Version:  v2.29.7-desktop.1
    Path:     C:\Program Files\Docker\cli-plugins\docker-compose.exe
  debug: Get a shell into any image or container (Docker Inc.)
    Version:  0.0.37
    Path:     C:\Program Files\Docker\cli-plugins\docker-debug.exe
  desktop: Docker Desktop commands (Alpha) (Docker Inc.)
    Version:  v0.0.15
    Path:     C:\Program Files\Docker\cli-plugins\docker-desktop.exe
  dev: Docker Dev Environments (Docker Inc.)
    Version:  v0.1.2
    Path:     C:\Program Files\Docker\cli-plugins\docker-dev.exe
  extension: Manages Docker extensions (Docker Inc.)
    Version:  v0.2.27
    Path:     C:\Program Files\Docker\cli-plugins\docker-extension.exe
  feedback: Provide feedback, right in your terminal! (Docker Inc.)
    Version:  v1.0.5
    Path:     C:\Program Files\Docker\cli-plugins\docker-feedback.exe
  init: Creates Docker-related starter files for your project (Docker Inc.)
    Version:  v1.3.0
    Path:     C:\Program Files\Docker\cli-plugins\docker-init.exe
  sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
    Version:  0.6.0
    Path:     C:\Program Files\Docker\cli-plugins\docker-sbom.exe
  scout: Docker Scout (Docker Inc.)
    Version:  v1.14.0
    Path:     C:\Program Files\Docker\cli-plugins\docker-scout.exe

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 3
 Server Version: 27.3.1
 Storage Driver: overlayfs
  driver-type: io.containerd.snapshotter.v1
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: nvidia runc io.containerd.runc.v2
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 472731909fa34bd7bc9c087e4c27943f9835f111
 runc version: v1.1.13-0-g58aa920
 init version: de40ad0
 Security Options:
  seccomp
   Profile: unconfined
 Kernel Version: 5.15.167.4-microsoft-standard-WSL2
 Operating System: Docker Desktop
 OSType: linux
 Architecture: x86_64
 CPUs: 32
 Total Memory: 31.34GiB
 Name: docker-desktop
 ID: 6fbc834f-88a5-46c8-8c88-c7fd5a156122
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http.docker.internal:3128
 HTTPS Proxy: http.docker.internal:3128
 No Proxy: hubproxy.docker.internal
 Labels:
  com.docker.desktop.address=npipe://\\.\pipe\docker_cli
 Experimental: false
 Insecure Registries:
  hubproxy.docker.internal:5555
  127.0.0.0/8
 Live Restore Enabled: false

WARNING: No blkio throttle.read_bps_device support
WARNING: No blkio throttle.write_bps_device support
WARNING: No blkio throttle.read_iops_device support
WARNING: No blkio throttle.write_iops_device support
WARNING: daemon is not using the default seccomp profile

Diagnostics ID

12DBB95A-27C0-4B1E-AB1E-A09D9CA130D7/20241211114249

Additional Info

Uninstall and reinstall 4.35.1 (173168) works again

[KoalaBear84]

Ah, finally, I'm having the exact same issue. But for me it came without installing a new version, it just 'happened' as far as I know.

Then I updated everything, docker apache/php versions, Docker Desktop itself.

An even easier way to reproduce:
docker run --rm -it alpine ping -c 1 192.168.178.25

docker run --rm -it alpine ping -c 1 192.168.178.25
PING 192.168.178.25 (192.168.178.25): 56 data bytes
^C
--- 192.168.178.25 ping statistics ---
1 packets transmitted, 0 packets received, 100% packet loss

I currently have these versions:
Docker Desktop 4.36.0 (175267)

wsl --version
Versión de WSL: 2.3.26.0
Versión de kernel: 5.15.167.4-1
Versión de WSLg: 1.0.65
Versión de MSRDC: 1.2.5620
Versión de Direct3D: 1.611.1-81528511
Versión DXCore: 10.0.26100.1-240331-1435.ge-release
Versión de Windows: 10.0.19045.5247

docker version
Client:
 Version:           27.3.1
 API version:       1.47
 Go version:        go1.22.7
 Git commit:        ce12230
 Built:             Fri Sep 20 11:42:27 2024
 OS/Arch:           windows/amd64
 Context:           desktop-linux

Server: Docker Desktop 4.36.0 (175267)
 Engine:
  Version:          27.3.1
  API version:      1.47 (minimum version 1.24)
  Go version:       go1.22.7
  Git commit:       41ca978
  Built:            Fri Sep 20 11:41:11 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.7.21
  GitCommit:        472731909fa34bd7bc9c087e4c27943f9835f111
 runc:
  Version:          1.1.13
  GitCommit:        v1.1.13-0-g58aa920
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

I'll try to uninstall and reinstall Docker Desktop..

[KoalaBear84]

Wow.. It indeed works.. Thanks!! But why :(

Not great to re "docker compose up" everything, but hopefully it works.

docker run --rm -it alpine ping -c 1 192.168.178.25
Unable to find image 'alpine:latest' locally
latest: Pulling from library/alpine
Digest: sha256:21dc6063fd678b478f57c0e13f47560d0ea4eeba26dfc947b2a4f81f686b9f45
Status: Downloaded newer image for alpine:latest
PING 192.168.178.25 (192.168.178.25): 56 data bytes
64 bytes from 192.168.178.25: seq=0 ttl=63 time=1.063 ms

--- 192.168.178.25 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 1.063/1.063/1.063 ms

[viceice]

@KoalaBear84 Did re-install v4.36.0 worked? or the downgrade to v4.35.1?

[KoalaBear84]

The latest, v4.36.0

All is finally well now. There also was a Cloudflare problem at the same time, so I thought that COULD be it, but it didn't as I found out this morning.

And thanks again! :)

[viceice]

ok, another manual upgrade and a reboot seems to have fixed the issue

[mtraynham]

I think I'm seeing a similar issue.

I noticed this with 4.36.0 a few weeks ago and then downgraded to 4.35.1 to fix it. I've recently upgraded to 4.37.1, and while it worked for a week or so, it just randomly started occurring again.

I tried a few things without success:

• A system reboot
• Docker Daemon restart
• Docker for Windows factory reset
• WSL2 restart
• mv ~/.docker/config.json ~/.docker/config.json.bak (inside WSL2; had worked with an auth issue for an earlier bug)

It appears that WSL2 pulls just hang. In the dockerd.log on the host I see:

time="2024-12-30T13:03:46.216923714Z" level=info msg="trying next host" error="failed to do request: Head \"https://registry-1.docker.io/v2/library/python/manifests/3.12\": context canceled" host=registry-1.docker.io spanID=1c6654a8297508d2 traceID=f6d5aeecdc3ca500d0545f048c57e662
time="2024-12-30T13:03:46.217526882Z" level=info msg="Cancel with lease, leased resources will remain until expiration" expires_at="2024-12-30 21:02:29.982445891 +0000 UTC m=+28817.340026634" lease=982448707-RCRj spanID=fc782d9ba66d4b95 traceID=f6d5aeecdc3ca500d0545f048c57e662
time="2024-12-30T13:03:46.217612666Z" level=error msg="Handler for POST /v1.47/images/create returned error: failed to resolve reference \"docker.io/library/python:3.12\": failed to do request: Head \"https://registry-1.docker.io/v2/library/python/manifests/3.12\": context canceled" spanID=fc782d9ba66d4b95 traceID=f6d5aeecdc3ca500d0545f048c57e662

Once downgrading to 4.35.1, it has resumed working.

Not sure if there's some series of commands that cause this to happen as I've been using 4.37.1 for about a week and it just started randomly. I'm additionally running a Docker Swarm cluster locally.

Client:
 Version:    27.3.1
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.17.1-desktop.1
    Path:     /usr/local/lib/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.29.7-desktop.1
    Path:     /usr/local/lib/docker/cli-plugins/docker-compose
  debug: Get a shell into any image or container (Docker Inc.)
    Version:  0.0.37
    Path:     /usr/local/lib/docker/cli-plugins/docker-debug
  desktop: Docker Desktop commands (Alpha) (Docker Inc.)
    Version:  v0.0.15
    Path:     /usr/local/lib/docker/cli-plugins/docker-desktop
  dev: Docker Dev Environments (Docker Inc.)
    Version:  v0.1.2
    Path:     /usr/local/lib/docker/cli-plugins/docker-dev
  extension: Manages Docker extensions (Docker Inc.)
    Version:  v0.2.27
    Path:     /usr/local/lib/docker/cli-plugins/docker-extension
  feedback: Provide feedback, right in your terminal! (Docker Inc.)
    Version:  v1.0.5
    Path:     /usr/local/lib/docker/cli-plugins/docker-feedback
  init: Creates Docker-related starter files for your project (Docker Inc.)
    Version:  v1.3.0
    Path:     /usr/local/lib/docker/cli-plugins/docker-init
  sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
    Version:  0.6.0
    Path:     /usr/local/lib/docker/cli-plugins/docker-sbom
  scout: Docker Scout (Docker Inc.)
    Version:  v1.14.0
    Path:     /usr/local/lib/docker/cli-plugins/docker-scout

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 1
 Server Version: 27.3.1
 Storage Driver: overlayfs
  driver-type: io.containerd.snapshotter.v1
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 nvidia runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 472731909fa34bd7bc9c087e4c27943f9835f111
 runc version: v1.1.13-0-g58aa920
 init version: de40ad0
 Security Options:
  seccomp
   Profile: unconfined
 Kernel Version: 5.15.167.4-microsoft-standard-WSL2
 Operating System: Docker Desktop
 OSType: linux
 Architecture: x86_64
 CPUs: 32
 Total Memory: 30.14GiB
 Name: docker-desktop
 ID: c4cd5cb8-2e07-428b-9ea7-58c9ef5f5e91
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http.docker.internal:3128
 HTTPS Proxy: http.docker.internal:3128
 No Proxy: hubproxy.docker.internal
 Labels:
  com.docker.desktop.address=unix:///var/run/docker-cli.sock
 Experimental: false
 Insecure Registries:
  hubproxy.docker.internal:5555
  127.0.0.0/8
 Registry Mirrors:
  https://docker.nuc/
 Live Restore Enabled: false

WARNING: No blkio throttle.read_bps_device support
WARNING: No blkio throttle.write_bps_device support
WARNING: No blkio throttle.read_iops_device support
WARNING: No blkio throttle.write_iops_device support
WARNING: daemon is not using the default seccomp profile

[NONOThingC]

Problem still remains in the newest version[4.37.1] for me...