WSL fix using random private subnets

WSL is a nice way to work with Linux development environment from Windows. It works pretty decently after version 2, that switched to using proper virtualization instead of translating syscalls and other weird magic.

Unfortunately, it has one serious problem: subnet for WSL is selected randomly from all available private subnets, preferably from range. So you turn on your notebook, start WSL, connect to your work VPN and oops - that subnet is already used 🤷‍♂️.

Issue on Github to add subnet configuration support in WSL is opened since 2019. People in comments contacted developers and their position is that this by design, to make WSL networking transparent for newbies, and this won’t be changed.

Funny thing, VirtualBox selects random private subnet for host-only networking adapters. But these subnets are fixed after initial creation and easily can be changed later. Newbies are happy, advanced users are happy, and nobody is having problems. But that’s not how WSL developers like to do it.

WSL selects random private subnet on first start, subnet will not be changed after wsl --shutdown, only reboot will help. But it does ignore subnets that are already in use. In comments to the issue people proposed to create dummy network interfaces using all subnets except what we need WSL to start using. @jgregmac made this script:

For some reason it does not work for me, so I made my own version. It brings up dummy network interfaces, starts WSL and then brings them down.

First, I already have VirtualBox on my machine. So I will use it’s host-only network interfaces to protect my subnets.


  • File - Host NetworkManager
    • Create - IPv4: Network Mask: DHCP Server: [ ]
    • Create - IPv4: Network Mask: DHCP Server: [ ]

⚙Settings - Network & Internet - Change Adapter Options

  • Rename interfaces to something more meaningful, like “Vbox-WSL-fix-10” and “Vbox-WSL-fix-172-16”.

Create script C:\Users\<YOUR USERNAME>\bin\WSL-subnet-fix.ps1:

# Start dummy interfaces protecting required private subnets

netsh interface set interface "Vbox-WSL-fix-10" enable
netsh interface set interface "Vbox-WSL-fix-172-16" enable

# start WSL, that is forced to select subnet not overlapping with protected subnets

wsl ip a

# Stop dummy interfaces protecting required private subnets

netsh interface set interface "Vbox-WSL-fix-10" disable
netsh interface set interface "Vbox-WSL-fix-172-16" disable

Winkey+R - taskschd.msc

Create New Task

  • General
    • Name: WSL-subnet-fix
    • (*) Run only when user is logged in
    • [x] Run with highest privileges
  • Triggers
    • At log on: Specific user: your user
  • Actions
    • Start a program
      • Program: powershell.exe
      • Arguments: -windowstyle hidden -file "C:\Users\<YOUR USERNAME>\bin\WSL-subnet-fix.ps1"

Voila, you can use WSL and don’t have it screw up your work VPN.

If you need fixed static IP for your WSL machine, you may look at this solution by @protang. It adds secondary fixed private subnet to WSL network interface.

License: This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License Share: share on reddit share on hacker news share on facebook share on twitter share on linkedin share on slashdot