Manage Windows Hyper-V firewall rules from WSL. One command to create/search/delete TCP/UDP/ICMP rules for specific IPs — no GUI, no guesswork.
Script:
wsl_ros2_hv_firewall.py (run inside WSL; it calls powershell.exe on Windows)
Why this is useful (ROS / ROS 2)
If your robot is on the LAN and your nodes run in WSL2, Windows’ Hyper-V firewall often blocks:
- ROS 2 DDS discovery (multicast/broadcast over UDP)
- ROS 1 master / services (TCP ports like 11311)
- Simple reachability (ICMP/ping)
This tool opens the right paths between WSL ↔ Windows ↔ your robot’s IP(s) so discovery works, topics show up, and connections stop timing out — without disabling the firewall or allowing the whole subnet.
FAQ — Troubleshooting (“it doesn’t work”)
- Why does DDS / multicast fail between Windows and WSL2?
- Why can I ping devices on the LAN but ROS 2 topics don’t show up in WSL2?
- Why doesn’t WSL2 receive multicast packets from the host / network?
- How do I fix WSL2 not forwarding UDP multicast?
(These reflect common reports: NAT/mirroring differences and Windows/Hyper-V firewall behavior frequently break DDS/multicast discovery.) Stack Overflow
Networking note (required for ROS)
Enable WSL’s mirrored networking so DDS/multicast and inbound traffic reach WSL correctly:
# %UserProfile%\.wslconfig
[wsl2]
networkingMode=mirrored
Then restart WSL:
wsl --shutdown
(These rules target Hyper-V in mirrored mode and play nicely with ROS.)
FAQ — Configuration / How-to
- How do I enable networkingMode=mirrored in WSL2 to allow ROS 2 multicast?
- How do I configure the Hyper-V firewall so ROS 2 DDS discovery works?
- Which Hyper-V firewall rules are required to allow WSL2 ↔ LAN device communication?
- How do I bridge or connect the vEthernet (WSL) interface to my physical network adapter?
- What .wslconfig settings are recommended for running ROS / ROS2 in WSL2?
(Mirrored mode can help but has edge cases; Hyper-V-specific firewall rules are the documented way to allow inbound traffic to the WSL VM.) Microsoft Learn
Features
- Create / delete / search Hyper-V firewall rules
- TCP / UDP / ICMPv4, inbound / outbound / both
- Multiple IPs, custom local/remote ports
- Idempotent (won’t duplicate)
- --dry-run to preview
- Optional JSON snapshot with --db
- Safety guard for mass deletes (override with --all)
Requirements
- Windows 10/11 with Hyper-V (admin rights for firewall changes)
- WSL (Ubuntu etc.), Python 3
- powershell.exe reachable from WSL
Windows PowerShell
In addition to WSL, you can also run the script directly in Windows PowerShell (without WSL):
py -3 wsl_ros2_hv_firewall.py -h
# or
python wsl_ros2_hv_firewall.py -h
Prerequisite: Python is installed and discoverable on Windows. The script calls the required PowerShell cmdlets locally.
FAQ — Commands / Examples
- Which PowerShell commands open UDP / ICMP / TCP for a single host in Hyper-V?
- Example: How do I create firewall rules for ROS1 (port 11311) via script?
- How can I test multicast routing between Windows, WSL2 and a Raspberry Pi?
(There are documented PowerShell Get/Set/New-NetFirewallHyperVRule flows and many community example scripts.)
Microsoft Learn
Quick start
# Help
python3 wsl_ros2_hv_firewall.py -h
# ROS/ROS2: allow all protocols IN+OUT for a robot IP (scoped to a single host)
python3 wsl_ros2_hv_firewall.py create --ip 192.168.0.213
# ROS1 (tighter): allow TCP IN for ports 11311,8080 only
python3 wsl_ros2_hv_firewall.py create \
--ip 192.168.0.213 \
--protocol tcp \
--direction in \
--local-ports 11311,8080 \
--remote-ports 11311,8080
# Search rules (and also write a JSON snapshot)
python3 wsl_ros2_hv_firewall.py --db search
# Delete by exact/wildcard name (dry run first)
python3 wsl_ros2_hv_firewall.py delete --name 'WSL-ROS2-*' --dry-run
# More examples
python3 wsl_ros2_hv_firewall.py examples
FAQ — Troubleshooting / Debugging
- How do I check whether Windows is dropping multicast before it reaches WSL2?
- Which logs and tools help with debugging (Wireshark on host vs WSL, netstat, ss)?
- Why does running a “multicast consumer” on Windows sometimes allow WSL to receive packets?
(Common debugging steps include using ros2 multicast send/receive, Wireshark on the host interface, and verifying subnet/mirroring.)
docs.ros.org
FAQ — Security / Production readiness
- Is it safe to open Hyper-V firewall rules for entire subnets?
- How can I make firewall rules idempotent and reversible via a script?
(Best practice: scope rules to specific VM/host IPs and ports; use scripted Get-* checks before creating/deleting rules.)
Microsoft Learn
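The scoping and Get-before-New practice above, as an added Python sketch (not the code of wsl_ros2_hv_firewall.py): it validates that the target is one host, validates ports before they are interpolated into PowerShell, and emits a command that only creates the rule when it is absent. The function names and the rule-name scheme after the WSL-ROS2- prefix are assumptions; the VMCreatorId is the WSL value from Microsoft's Hyper-V firewall documentation.

```python
import ipaddress

# VMCreatorId that Microsoft's "Configure Hyper-V firewall" page gives for WSL.
WSL_VM_CREATOR_ID = "{40E0AC32-46A5-438A-A0B2-2B479E8F2E90}"
PROTOCOLS = {"tcp": "TCP", "udp": "UDP", "icmp": "ICMPv4"}
DIRECTIONS = {"in": "Inbound", "out": "Outbound"}


def single_host(ip):
    """Return one canonical IPv4 unicast address; refuse subnets and 'any'."""
    addr = ipaddress.IPv4Address(ip)  # ValueError for CIDR, names, junk
    if addr.is_unspecified or addr.is_multicast or addr.is_reserved or addr.is_loopback:
        raise ValueError(f"{ip} is not a single LAN host")
    return str(addr)


def port_list(ports):
    """Normalise '11311,8080' to '8080,11311'; None means no port filter."""
    if not ports:
        return None
    nums = sorted({int(p) for p in ports.split(",")})  # int() rejects injected text
    if not all(1 <= n <= 65535 for n in nums):
        raise ValueError(f"port out of range in {ports!r}")
    return ",".join(map(str, nums))


def build_rule(ip, protocol, direction, local_ports=None, remote_ports=None):
    """Return (rule_name, PowerShell) that creates the rule only if absent."""
    if protocol not in PROTOCOLS or direction not in DIRECTIONS:
        raise ValueError("unknown protocol or direction")
    host, proto, way = single_host(ip), PROTOCOLS[protocol], DIRECTIONS[direction]
    lp, rp = port_list(local_ports), port_list(remote_ports)
    if proto == "ICMPv4" and (lp or rp):
        raise ValueError("ICMP rules take no ports")
    # Deterministic name (hypothetical scheme): same inputs -> same rule -> no duplicates.
    name = "-".join(["WSL-ROS2", proto, way, host]
                    + [tag + v.replace(",", "_") for tag, v in (("L", lp), ("R", rp)) if v])
    args = [f"-Name '{name}'", f"-DisplayName '{name}'", f"-Direction {way}",
            f"-VMCreatorId '{WSL_VM_CREATOR_ID}'", f"-Protocol {proto}",
            f"-RemoteAddresses {host}", "-Action Allow"]
    if lp:
        args.append(f"-LocalPorts {lp}")
    if rp:
        args.append(f"-RemotePorts {rp}")
    check = f"Get-NetFirewallHyperVRule -Name '{name}' -ErrorAction SilentlyContinue"
    return name, f"if (-not ({check})) {{ New-NetFirewallHyperVRule {' '.join(args)} }}"


if __name__ == "__main__":
    # Constructed input: the robot IP and ROS 1 ports from the quick start.
    print(build_rule("192.168.0.213", "tcp", "in", "11311,8080")[1])
```

The returned string is meant to be passed to an elevated powershell.exe -NoProfile -Command; running it twice leaves a single rule because the name is derived from the inputs.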
Notes
- Persistence is off by default. Add --db (before or after the subcommand) to write wsl_ros2_firewall_rules.json.
- Mass deletes are limited; pass --all to confirm large removals.
If this helped your ROS setup in WSL, a ⭐️ would be awesome.
Spotted a bug or have an idea? Issues and PRs welcome!
References
- raspberry pi - ROS2 communication between WSL and rpi — Stack Overflow
- Accessing network applications with WSL — Microsoft Learn
- Configure Hyper-V firewall — Microsoft Learn
- Installation troubleshooting — ROS 2 Documentation — docs.ros.org
- not getting udp multicast working in the new mirrored … — GitHub Discussions
- ros2multicast — CLI tool (send/receive) — docs.ros.org
- Advanced settings in WSL (.wslconfig) — networkingMode=mirrored — Microsoft Learn
- WSL update introducing “Mirrored” networking — Microsoft DevBlogs
© 2025 — WSL2 Hyper-V Firewall (CLI)