Fix mirrored networking loopback endpoint creation failure - Updated#40886
Open
OwenJRJones wants to merge 10 commits into
Open
Fix mirrored networking loopback endpoint creation failure - Updated#40886OwenJRJones wants to merge 10 commits into
OwenJRJones wants to merge 10 commits into
Conversation
## Problem
After installing KB5074109 (January 2026), WSL mirrored networking fails to
create the loopback endpoint, causing localhost (127.0.0.1) TCP/UDP connections
to fail. Users see the loopback0 interface in state DOWN with NO-CARRIER.
## Root Cause Analysis
HNS loopback networks no longer accept firewall policies when creating
endpoints. Direct HCN API testing confirms:
- Test 1: Endpoint WITH firewall policy -> 0x803B001B (FAIL)
Error: 'Invalid JSON document string. {{Policies.VmCreatorId,UnknownField}}'
- Test 2: Endpoint with VirtualNetwork field -> 0x803B001B (FAIL)
Error: 'Invalid JSON document string. {{VirtualNetwork,UnknownField}}'
- Test 3: Endpoint with HostComputeNetwork only -> 0x00000000 (SUCCESS)
The current code in MirroredNetworking::AddNetworkEndpoint() creates all
endpoints with firewall policies when m_config.FirewallConfig.Enabled() is
true (the default), causing loopback endpoint creation to fail silently.
## Solution
- Add IsLoopback field to HNSNetwork struct to detect loopback networks
- Skip firewall policies when creating endpoints on loopback networks
- Use HostComputeNetwork instead of VirtualNetwork for loopback endpoints
## Testing
Verified on Windows Build 26220.7535:
1. HCN API tests confirm endpoint creation succeeds without firewall policies
2. WSL localhost TCP connectivity works when loopback0 is properly configured
Fixes microsoft#14080
Related: microsoft#14063
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Fixes mirrored networking endpoint creation failures on loopback networks after KB5074109 by detecting loopback networks via IsLoopback and avoiding endpoint policies that HCN rejects in that scenario.
Changes:
- Detect loopback HNS networks and create endpoints using simplified settings (no policies) while targeting
HostComputeNetwork. - Extend the HNS network JSON schema model to parse the
IsLoopbackproperty. - Reformat the
HNSNetworkJSON macro usage inhns_schema.h(to satisfy CI/style constraints).
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
src/windows/service/exe/MirroredNetworking.cpp |
Adds a loopback-network code path to avoid unsupported endpoint policy creation and use simplified endpoint settings. |
src/shared/inc/hns_schema.h |
Adds IsLoopback to the HNSNetwork schema and updates the JSON mapping formatting. |
Member
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary of the Pull Request
Fix loopback endpoint creation failure in mirrored networking mode after KB5074109. - Courtesy of @benm-dev (see #14081)
Fixed formatting issue in
hns_schema.hthat was preventing CI from passing - @OwenJRJonesPR Checklist
Detailed Description
After KB5074109, HNS loopback networks reject firewall policies when creating endpoints, returning error 0x803B001B. This fix detects loopback networks via
IsLoopbackproperty and uses simplified endpoint settings without policies.Validation Steps Performed