WSL

WSL, or Windows Subsystem for Linux, is a feature of Windows that allows you to run a Linux environment on your Windows machine, without the need for a separate virtual machine or dual booting. WSL is designed to provide a seamless and productive experience for developers who want to use both Windows and Linux at the same time^[1]

Enable WSL

1. Open PowerShell as Admin: Press Win + X and select "Terminal (Admin)" or "Windows PowerShell (Admin)".
2. Install WSL: Type wsl --install and press Enter. This command enables required features, installs the latest kernel, and defaults to Ubuntu.
3. Restart: Your computer will likely need to restart to complete the installation.
4. Optional : Create User: After reboot, a terminal window will open asking for a Linux username and password (these are separate from your Windows login).

Basic Usage on WSL machine

• Launch: Open the Start Menu and search for your installed distro (e.g., "Ubuntu") or type wsl in Command Prompt/PowerShell.
• Update Software: In your Linux terminal, run sudo apt update && sudo apt upgrade (for Ubuntu/Debian).
• Install Software: Use sudo apt install <package_name> (e.g., sudo apt install git).
• Access Windows Files: Your Windows drives are mounted under /mnt/ (e.g., cd /mnt/c/Users/YourUser).

WSL commands on Powershell

#WSL check status 
>wsl -l -v 

# Start WSL machine 
>wsl -d <machine name>

# Stop a WSL machine 
>wsl -t <machine name>

# Stop all WSL machine
>wsl --shutdown

WSL Networking

Networking in WSL can be configured in various ways to enable communication between Windows and Linux applications.

Default Networking Mode: NAT

By default, WSL uses a NAT (Network Address Translation) based architecture. This means that the Linux distribution running under WSL has its own IP address, separate from the Windows host. To access a Linux networking app from Windows, you can use localhost. Conversely, to access a Windows networking app from Linux, you need to use the IP address of the Windows host.

Identifying IP Addresses

• From Windows to Linux: To find the IP address of a Linux distribution running via WSL2, use the command:
  • wsl -d <DistributionName> hostname -I
• From Linux to Windows: To find the IP address of the Windows host from a Linux distribution, use the command:
  • ip route show | grep -i default | awk '{ print $3}'

Mirrored Mode Networking

On machines running Windows 11 22H2 and higher, you can enable mirrored mode networking by setting networkingMode=mirrored under [wsl2] in the .wslconfig file at C:\Users\<username> folder. The same folder is also available on WSL machine path /mnt/c/User/<username> or we can also use GUI version via Windows find menu "WSL Settings".

This mode mirrors the network interfaces from Windows into Linux, allowing for improved compatibility and much stable and faster than NAT.

Benefits of Mirrored Mode

• IPv6 Support: Enables IPv6 connectivity.
• Localhost Access: Allows connecting to Windows servers from within Linux using localhost (127.0.0.1).
• VPN Compatibility: Improved networking compatibility for VPNs.
• Multicast Support: Enables multicast networking.
• LAN Access: Allows connecting to WSL directly from your local area network (LAN).

Accessing Applications

• From Windows to Linux
  • To access a Linux networking app from Windows, you can use localhost as the destination address. For example, if you have a Node.js server running on Linux, you can access it from a Windows browser using http://localhost:3000.
• From Linux to Windows
  • To access a Windows networking app from Linux, you need to use the IP address of the Windows host. For example, to connect to a Node.js server running on Windows, you can use the following command in Linux:
  • curl http://<WindowsHostIP>:3000

Advanced Configuration

Microsoft recommends setting up the following firewall rules^[2] and Hyper-V firewall configuration^[3]

#Run the following command in PowerShell window with admin privileges to Configure Hyper-V firewall settings to allow inbound connections:

Set-NetFirewallHyperVVMSetting -Name '{40E0AC32-46A5-438A-A0B2-2B479E8F2E90}' -DefaultInboundAction Allow

or 

New-NetFirewallHyperVRule -Name "MyWebServer" -DisplayName "My Web Server" -Direction Inbound -VMCreatorId '{40E0AC32-46A5-438A-A0B2-2B479E8F2E90}' -Protocol TCP -LocalPorts 80

You can configure advanced networking settings using the wsl.conf and .wslconfig files.

• wsl.conf file is used for per-distribution settings,
• .wslconfig file is used for global settings across all WSL distributions.
  

Example .wslconfig File : This configuration enables mirrored mode networking, DNS tunneling, and automatic proxy settings

[wsl2]
networkingMode=mirrored
dnsTunneling=true
autoProxy=true

By understanding and configuring these networking options, you can optimize the communication between your Windows and Linux applications running under WSL.

WSL machine network configuration

$ cat /etc/wsl.conf

$ cat /etc/wsl-distribution.conf

Access host GPU from WSL Machine

Nvidia GPU driver must be installed on Windows host. never install GPU driver on WSL machine.

add "/usr/lib/wsl/lib" in WSL machine's PATH environment variable then we can use nvidia-msi comand

Automatic start WSL machine on Boot

By default, WSL machine does not start on Windows bootup.

• Windows +R then put shell:startup then crate new text file named as wsl-startup.bat

Use Docker in WSL Machine

• On Windows host Powershell,
  • Install Docker desktop using https://docs.docker.com/desktop/setup/install/windows-install/
  • Docker Desktop > Resources > Enable integration with my default WSL distro Add user to Docker group
  • Add-LocalGroupMember -Group "docker-users" -Member "your-username"

• On WSL Machine
  • Ensure docker daemon is running : $sudo service docker status
  • Check /var/run/docker.sock permission
    • $ ls -al /var/run/docker.sock srw-rw---- 1 root docker 0 Dec 31 09:43 /var/run/docker.sock
  • Add user to docker group : $sudo usermod -aG docker $USER
  • Test docker commands : $ docker images REPOSITORY   TAG       IMAGE ID   CREATED   SIZE

Remote Connection to WSL

To login into WSL from remote,

• Setup SSH port on WSL machine and allow port access via Hyper-V firewall Rule

# Install openssh-server  then
# Add WSL machine SSH port by editing /etc/ssh/sshd_config 
Port 2222

# Save and restart sshd 

# on Windows Powershell configure Hyper-V port 
New-NetFirewallRule -DisplayName "Allow SSH Port 2222" -Direction Inbound -LocalPort 2222 TCP -Action Allow

# Check Hyper-v firewall rule 
Get-NetFirewallHyperVRule

Extra info

#check available OpenSSH service  
PS C:> Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*'
Name  : OpenSSH.Client~~~~0.0.1.0
State : NotPresent

Name  : OpenSSH.Server~~~~0.0.1.0
State : NotPresent

# Install the OpenSSH Client
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0

# Install the OpenSSH Server
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

# Reboot system and do following commands on powershell 

# Start the sshd service
Start-Service sshd

# OPTIONAL but recommended:
Set-Service -Name sshd -StartupType 'Automatic'

# Confirm the Firewall rule is configured. It should be created automatically by setup. Run the following to verify
if (!(Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue)) {
    Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, creating it..."
    New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
} else {
    Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' has been created and exists."
}

## Tips : Uninstall and Remove firewall rule
# install 
# Uninstall the OpenSSH Client
Remove-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
# Uninstall the OpenSSH Server
Remove-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

# Remove firewall rule 
if ((Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue)) {
    Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' is being removed."
    Remove-NetFirewallRule -Name 'OpenSSH-Server-In-TCP'
} else {
    Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, removal failed..."
}

# as Admin Powershell, Enable Windows ping response
Set-NetFirewallRule -Name CoreNet-Diag-ICMP4-EchoRequest-In -enabled True

References