In this article
This article covers how to work around Hyper-V Internet Connection Sharing (ICS) issues when Roaming Client diagnostic logs show an error about being unable to bind to port 53.
Windows Roaming Client version 1.12.0 and newer have improved compatibility when running on machines that also leverage virtualized platforms or technologies. Prior agent versions saw conflict between these technologies and the use of port 53.
Improvements should be seen when using Hyper-V, Windows Subsystem for Linux (WSL), and Docker or Windows Sandbox containers.
What we know
While the Hyper-V hypervisor itself or its virtual machines do not conflict with the Roaming Client, we have seen issues with some services that the Hyper-V system uses. The chief culprit is the ICS service, which automatically runs a DNS server on 0.0.0.0:53 (all interfaces), which prevents the agent system service from being able to start.
On Windows 11 and 10 the issue likely occurs either after waking from sleep or after shutdown. The issue diagnostic logs for the agent will show an error about being unable to bind to port 53.
Windows Defender Application Guard
The Windows Defender Application Guard uses Hyper-V to open untrusted sites in an isolated container in the Microsoft Edge browser.
Work around this issue with the same steps listed below, or consider switching to Chrome Enterprise as the organization's primary browser.
How to work around the issue
If the Roaming Client service (DNS Agent/DNSFilter Agent) starts BEFORE the ICS service, the ICS service can start with no issues, so as a work around there are two approaches:
Option one: Disable Host Network Service triggers
- Open a command prompt under Administrator mode and disable any trigger for Host Network Service (HNS) via triggerinfo:
sc qtriggerinfo hns delete
- Restart the machine
Option two: Set HNS and ICS to manual startup type
Setting the HNS and ICS services to manual start as a startup type may give the Roaming Client enough time to start before them on a reboot. This avoids having to have manual stop/start of services each time to get the agent to run.
- Stop the Host Network Service (HNS) service (required before you can stop the ICS service)
- Stop the Internet Connection Sharing service
- Start the Roaming Client service
- Restart the Host Network Service (which will automatically restart the ICS service as well)
Comments
0 comments
Article is closed for comments.