Expected behavior

Docker pull works

Actual behavior

Docker pull does not work

Information

Windows 10 firewall is off

Log:
[18:11:08.955][Proxy ][Info ] 2016/04/16 18:11:08 Dial 10.0.75.2:2375
[18:11:08.966][Proxy ][Info ] 2016/04/16 18:11:08 Dial IP 10.0.75.2:2375
[18:11:09.009][Proxy ][Info ] 2016/04/16 18:11:09 proxy << GET /v1.23/info
[18:11:09.062][Proxy ][Info ] 2016/04/16 18:11:09 proxy >> POST /v1.23/images/create?fromImage=ubuntu&tag=latest
[18:11:09.072][Proxy ][Info ] 2016/04/16 18:11:09 Dial 10.0.75.2:2375
[18:11:09.080][Proxy ][Info ] 2016/04/16 18:11:09 Dial IP 10.0.75.2:2375
[18:11:09.267][Proxy ][Info ] 2016/04/16 18:11:09 listen udp 10.0.75.1:53: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
[18:11:09.278][Proxy ][Info ] 2016/04/16 18:11:09 Waiting for the port/IP to become available
[18:11:14.268][Proxy ][Info ] 2016/04/16 18:11:14 listen udp 10.0.75.1:53: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
[18:11:14.276][Proxy ][Info ] 2016/04/16 18:11:14 Waiting for the port/IP to become available
[18:11:19.269][Proxy ][Info ] 2016/04/16 18:11:19 listen udp 10.0.75.1:53: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
[18:11:19.277][Proxy ][Info ] 2016/04/16 18:11:19 Waiting for the port/IP to become available
[18:11:24.128][Proxy ][Info ] 2016/04/16 18:11:24 proxy << POST /v1.23/images/create?fromImage=ubuntu&tag=latest
[18:11:24.269][Proxy ][Info ] 2016/04/16 18:11:24 listen udp 10.0.75.1:53: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
[18:11:24.277][Proxy ][Info ] 2016/04/16 18:11:24 Waiting for the port/IP to become available
[18:11:29.270][Proxy ][Info ] 2016/04/16 18:11:29 listen udp 10.0.75.1:53: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
[18:11:29.278][Proxy ][Info ] 2016/04/16 18:11:29 Waiting for the port/IP to become available
[18:11:34.271][Proxy ][Info ] 2016/04/16 18:11:34 listen udp 10.0.75.1:53: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
[18:11:34.278][Proxy ][Info ] 2016/04/16 18:11:34 Waiting for the port/IP to become available
[18:11:39.272][Proxy ][Info ] 2016/04/16 18:11:39 listen udp 10.0.75.1:53: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
[18:11:39.280][Proxy ][Info ] 2016/04/16 18:11:39 Waiting for the port/IP to become available
[18:11:44.272][Proxy ][Info ] 2016/04/16 18:11:44 listen udp 10.0.75.1:53: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
[18:11:44.280][Proxy ][Info ] 2016/04/16 18:11:44 Waiting for the port/IP to become available
[18:11:49.272][Proxy ][Info ] 2016/04/16 18:11:49 listen udp 10.0.75.1:53: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
[18:11:49.280][Proxy ][Info ] 2016/04/16 18:11:49 Waiting for the port/IP to become available
[18:11:54.272][Proxy ][Info ] 2016/04/16 18:11:54 listen udp 10.0.75.1:53: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
[18:11:54.280][Proxy ][Info ] 2016/04/16 18:11:54 Waiting for the port/IP to become available
[18:11:59.273][Proxy ][Info ] 2016/04/16 18:11:59 listen udp 10.0.75.1:53: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
[18:11:59.280][Proxy ][Info ] 2016/04/16 18:11:59 Waiting for the port/IP to become available

is any process using this port 53 udp?

netstat -aon | findstr :53

C:\Windows\System32\svchost.exe is using that port

I do have skype and globalprotect vpn which may be messing with things, but
I’m not sure.

Peace

Harsh Singh

svchost is just the host process for Windows Services, you can find which services are running under that process id with the following command:

tasklist /SVC | findstr <process-id>

I have a lot more tips on trouble shooting and how the beta client works in my blog post: http://docker-saigon.github.io/post/Docker-Beta/

Once you have a good idea which service is using the port, you will need to decide if you can kill it as the docker proxy needs to use that port (see in the article)

Here is what I found: Sorry I didn’t reply sooner, the notify email skipped my inbox.

svchost.exe 584 Appinfo, Browser, CertPropSvc, DoSvc,
gpsvc, IKEEXT, iphlpsvc, LanmanServer,
lfsvc, ProfSvc, Schedule, SENS, SessionEnv,
SharedAccess, ShellHWDetection, Themes,
UserManager, Winmgmt, wuauserv

Following your post, This looks interesting:

Get-VMIntegrationService -VMName MobyLinuxVM -Name “Key-Value Pair Exchange” | fl

IsClustered : False
Enabled : True
OperationalStatus : {Ok, ProtocolMismatch}
PrimaryOperationalStatus : Ok
PrimaryStatusDescription : OK
SecondaryOperationalStatus : ProtocolMismatch
SecondaryStatusDescription : The protocol version of the component installed in the virtual machine does not match the version expected by the hosting system
StatusDescription : {OK, The protocol version of the component installed in the virtual machine does not match the version expected by the hosting system}
Name : Key-Value Pair Exchange
Id : Microsoft:844BB857-BAA4-4162-80A6-BA5B7898FCE1\2A34B1C2-FD73-4043-8A5B-DD2159BC743F
VMId : 844bb857-baa4-4162-80a6-ba5b7898fce1
VMName : MobyLinuxVM
VMSnapshotId : 00000000-0000-0000-0000-000000000000
VMSnapshotName :
CimSession : CimSession: .
ComputerName : DESKTOP-F5F8B1C
IsDeleted : False
VMCheckpointId : 00000000-0000-0000-0000-000000000000
VMCheckpointName :

PS C:\Users\harsingh.babun\cygwin\home\harsingh> New-NetFirewallRule -Name “DockerTcp” -DisplayName “DockerTcp” `

-Program “C:\Program Files\Docker\Docker\resources\com.docker.proxy.exe” -Protocol TCP `
-Profile Any -EdgeTraversalPolicy DeferToUser -Enabled True
New-NetFirewallRule : Cannot create a file when that file already exists.
At line:1 char:1

• New-NetFirewallRule -Name “DockerTcp” -DisplayName “DockerTcp” `

•   + CategoryInfo          : ResourceExists: (MSFT_NetFirewallRule:root/standardcimv2/MSFT_NetFirewallRule) [New-NetF
   irewallRule], CimException
    + FullyQualifiedErrorId : Windows System Error 183,New-NetFirewallRule
  
  

PS C:\Users\harsingh.babun\cygwin\home\harsingh>
PS C:\Users\harsingh.babun\cygwin\home\harsingh> New-NetFirewallRule -Name “DockerUdp” -DisplayName “DockerUdp” `

-Program “C:\Program Files\Docker\Docker\resources\com.docker.proxy.exe” -Protocol UDP `
-Profile Any -EdgeTraversalPolicy DeferToUser -Enabled True
New-NetFirewallRule : Cannot create a file when that file already exists.
At line:1 char:1

• New-NetFirewallRule -Name “DockerUdp” -DisplayName “DockerUdp” `

•   + CategoryInfo          : ResourceExists: (MSFT_NetFirewallRule:root/standardcimv2/MSFT_NetFirewallRule) [New-NetF
   irewallRule], CimException
    + FullyQualifiedErrorId : Windows System Error 183,New-NetFirewallRule
  
  

PS C:\Users\harsingh.babun\cygwin\home\harsingh> Get-VMComPort -VMName MobyLinuxVM | fl | Out-String

Path : \.\pipe\MobyLinuxVM-com1
DebuggerMode : On
Name : COM 1
Id : Microsoft:844BB857-BAA4-4162-80A6-BA5B7898FCE1\8E3A359F-559A-4B6A-98A9-1690A6100ED7\0
VMId : 844bb857-baa4-4162-80a6-ba5b7898fce1
VMName : MobyLinuxVM
VMSnapshotId : 00000000-0000-0000-0000-000000000000
VMSnapshotName :
CimSession : CimSession: .
ComputerName : DESKTOP-F5F8B1C
IsDeleted : False
VMCheckpointId : 00000000-0000-0000-0000-000000000000
VMCheckpointName :

Path :
DebuggerMode : Off
Name : COM 2
Id : Microsoft:844BB857-BAA4-4162-80A6-BA5B7898FCE1\8E3A359F-559A-4B6A-98A9-1690A6100ED7\1
VMId : 844bb857-baa4-4162-80a6-ba5b7898fce1
VMName : MobyLinuxVM
VMSnapshotId : 00000000-0000-0000-0000-000000000000
VMSnapshotName :
CimSession : CimSession: .
ComputerName : DESKTOP-F5F8B1C
IsDeleted : False
VMCheckpointId : 00000000-0000-0000-0000-000000000000
VMCheckpointName :

In case you have Acrylic DNS Proxy make sure it is not running

I got the same error when using port 2468, but after I change to port 12468, it works well. and I was sure the port 2468 was not used before.