使用实际 IP 从 WSL2 连接到主机
[英]Connectivity from WSL2 to host by using actual IP
问题描述
Has anyone used WSL2 and connected to the host machine using its actual IP instead of through the WSL2 Network Adapter IP?
有没有人使用 WSL2 并使用其实际 IP 而不是通过 WSL2 网络适配器 IP 连接到主机?
My situation is this: My ip is 192.168.1.2我的情况是这样的:我的ip是192.168.1.2
I start a webserver on my actual machine, it binds to 127.0.0.1, and 192.168.1.2 I want do connect to the webserver from within a docker container under WSL2.我在我的实际机器上启动了一个网络服务器,它绑定到 127.0.0.1 和 192.168.1.2 我想从 WSL2 下的 docker 容器内连接到网络服务器。 If I ping/telnet/curl to 192.168.1.2 the call simply fails from a timeout, this happens both from my docker container as well as straight from within ubuntu under WSL2如果我 ping/telnet/curl 到 192.168.1.2 调用只是因为超时而失败,这既发生在我的 docker 容器中,也发生在 WSL2 下的 ubuntu 中
I have verified that I can ping my router at 192.168.1.1 from within my docker container.我已经验证我可以从我的 docker 容器中 ping 192.168.1.1 的路由器。 I cannot access 192.168.1.2 from within my WSL2 shell outside of docker.我无法从 docker 外部的 WSL2 shell 中访问 192.168.1.2。 I cannot use 127.0.0.1 as a replacement, as the end goal is to run a setup of docker inside WSL2, that calls the webserver on my machine (ie I want to start up 4 services and a database through docker, and then actively develop and debug a 5 service on my actual machine).我不能使用 127.0.0.1 作为替代,因为最终目标是在 WSL2 中运行 docker 的设置,它调用我机器上的网络服务器(即我想通过 docker 启动 4 个服务和一个数据库,然后积极开发并在我的实际机器上调试 5 服务)。
I've tried disabling the firewall completely to no avail.我试过完全禁用防火墙无济于事。
Does anyone have an idea of what it could be?有谁知道它可能是什么? Or if I'm even supposed to be able to access 192.168.1.2 from within WSL2.或者,如果我什至应该能够从 WSL2 中访问 192.168.1.2。
1 个解决方案
解决方案1
1 2022-07-21 15:32:50
A few different ways (and things you might have to do) to make this work.几种不同的方法(以及您可能必须做的事情)来完成这项工作。 You may have some of this in place already:您可能已经准备好其中的一些:
First, as mentioned in the comments, the best name to use (in most cases) from WSL2 when accessing a service running Windows is the mDNS format
$(hostname).local(or the equivalent from whatever language you are using).首先,正如评论中提到的,在访问运行 Windows 的服务时(在大多数情况下)从 WSL2 使用的最佳名称是 mDNS 格式$(hostname).local(或您使用的任何语言的等效名称)。 This can be hardcoded as simply the Windows "Computer Name" + (concatenated with).local.这可以简单地硬编码为 Windows“计算机名”+(与) .local连接。Next, remember that the first time you try to access a network service on a port, Windows Defender Firewall will ask you for permission to create a rule.
接下来,请记住,当您第一次尝试访问某个端口上的网络服务时,Windows Defender 防火墙会询问您是否允许创建规则。 By default, this rule only applies to Private network profiles.默认情况下,此规则仅适用于专用网络配置文件。 As a result, a corresponding Block rule is created for the port on any Public network profile.因此,会为任何公共网络配置文件上的端口创建相应的阻止规则。 I honestly just discovered this when trying this out.老实说,我只是在尝试时才发现这一点。 I don't think I knew that a corresponding Block was generated by that GUI dialog.我认为我不知道该 GUI 对话框生成了相应的块。Since WSL's network is (oddly) considered Public , you'll need to delete that Block rule if it exists.
由于 WSL 的网络(奇怪地)被认为是Public ,因此您需要删除该Block规则(如果存在)。You'll then also need to open an Allow rule for the port from WSL.
然后,您还需要为来自 WSL 的端口打开允许规则。 Something like:就像是:New-NetFirewallRule -DisplayName "WSL Testing" -InterfaceAlias "vEthernet (WSL)" -Direction Inbound -Protocol TCP -LocalPort 80 -Action AllowThis will open the port on both Public and Private networks, but only on the WSL virtual interface.
这将在公共网络和专用网络上打开端口,但仅在 WSL 虚拟接口上打开。 It will still be blocked from other machines on the network (assuming that's what you want).它仍然会被网络上的其他机器阻止(假设这是你想要的)。Now for the bind address, you have several options:
现在对于绑定地址,您有几个选项:If you really do want to bind only to the WSL virtual network, then you'll need to either obtain (or parse somehow) the correct address, since it will after each reboot (or
wsl --shutdown).如果您确实只想绑定到 WSL 虚拟网络,那么您需要获取(或以某种方式解析)正确的地址,因为它会在每次重新启动后(或wsl --shutdown)。 You can see the correct address withipconfigin PowerShell, and look for:您可以在 PowerShell 中使用ipconfig查看正确的地址,然后查找:Ethernet adapter vEthernet (WSL): Connection-specific DNS Suffix . : ... IPv4 Address. . . . . . . . . . . : 172.25.208.1 Subnet Mask . . . . . . . . . . . : 255.255.240.0 ...In this case, the bind address would be
172.25.208.1.在这种情况下,绑定地址将是172.25.208.1。Alternatively, I don't believe there's much of a reason not to just bind to
0.0.0.0(all interfaces), since the firewall is going to block connections from other networks (assuming you specified the-InterfaceAlias "vEthernet (WSL)").或者,我认为没有太多理由不绑定到0.0.0.0(所有接口),因为防火墙会阻止来自其他网络的连接(假设您指定了-InterfaceAlias "vEthernet (WSL)") .However, from the comments, you also mention:
但是,从评论中,您还提到:192.168.1.2 is the IP of my WiFi connection.
192.168.1.2 是我的 WiFi 连接的 IP。 I know the IP isn't system wide, but the webserver binds to that IP, so I need to be able to access it我知道 IP 不是系统范围的,但网络服务器绑定到该 IP,所以我需要能够访问它If you really can't change the bind address to something else, then you won't be able to access it directly from WSL2.
如果您确实无法将绑定地址更改为其他内容,那么您将无法直接从 WSL2 访问它。 However, it's still possible to use port forwarding to get the packets to the right interface, if that's the case.但是,如果是这种情况,仍然可以使用端口转发将数据包发送到正确的接口。The easiest way to do this is to install/enable the Windows OpenSSH server , and then use something like:
最简单的方法是安装/启用Windows OpenSSH 服务器,然后使用类似的东西:ssh -L 80:localhost:80 $(hostname).localThat will make
localhost:80in WSL2 connect to the Windows service on port 80.这将使 WSL2 中的localhost:80连接到端口 80 上的 Windows 服务。If you need the server name to match some virtual host name (SNI), then you can add the hostname to your Windows host file (which is mapped into WSL2 by default) as a pointer to localhost.
如果您需要服务器名称与某个虚拟主机名 (SNI) 匹配,那么您可以将主机名添加到您的 Windows 主机文件(默认情况下映射到 WSL2)作为指向 localhost 的指针。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.