Hi everyone, I am running a self-hosted n8n instance using Docker Compose on Windows 11 (via Docker Desktop / WSL 2). My workflows involving the Gmail node were working fine until yesterday. Suddenly, I started receiving connection errors.
Initially, I had DNS issues (EAI_AGAIN), which I resolved by fixing resolv.conf in WSL. However, now I am stuck with an SSL/TLS connection drop error. Even though DNS resolution works, the connection is reset during the SSL handshake.
Error Message in n8n:
NodeOperationError: The connection to the server was closed unexpectedly, perhaps it is offline.
Full message: Client network socket disconnected before secure TLS connection was established
Error code: EAI_AGAIN (intermittently) or Connection Reset
Debug commands running inside the container: I ran wget inside the n8n container to test connectivity to Google APIs. It resolves the IP but fails at the SSL handshake: docker exec -it n8n wget --spider https://gmail.googleapis.com
Output:
Connecting to gmail.googleapis.com (142.250.185.234:443)... connected.
OpenSSL: error:0A000126:SSL routines::unexpected eof while reading
wget: error getting response: Connection reset by peer
What I have tried so far (and didn’t work):
DNS Fix: Hardcoded Google DNS (8.8.8.8) in both docker-compose.yml and WSL’s /etc/resolv.conf (locked via /etc/wsl.conf). nslookup works fine now.
IPv6 Disabled: Added N8N_DISABLE_IPV6=true and NODE_OPTIONS=--dns-result-order=ipv4first to environment variables.
MTU Adjustment: Tried lowering the MTU in docker-compose network settings to 1400, 1350, and even 1200 to rule out packet fragmentation issues.
Firewall: Temporarily disabled Windows Firewall and Antivirus (web protection).
Timeouts: Increased timeout settings and enabled “Retry on Fail” in the node settings.
Relevant part of my docker-compose.yml:
services:
n8n:
image: n8nio/n8n:latest
environment:
N8N_DISABLE_IPV6=true
NODE_OPTIONS=–dns-result-order=ipv4first
WEBHOOK_URL=https://my-domain.com/
dns:
8.8.8.8
1.1.1.1
networks:
demo
networks:
demo:
driver:bridge
driver_opts:
com.docker.network.driver.mtu: “1200”
Has anyone experienced this sudden “Unexpected EOF” / “Connection Reset” with Google services on Docker Desktop recently? Any help would be appreciated.
I am connecting to this machine (a Windows virtual machine) via Remote Desktop (RDP).
There is no VPN or Proxy active on the host machine. It connects directly to the internet.
I had to manually configure DNS (8.8.8.8) in Docker and WSL because the default DNS inheritance from the Host OS was failing. Without manual DNS settings, I was getting constant EAI_AGAIN errors.
Even though DNS resolution is working now (I can ping/curl Google), I am getting SSL routines::unexpected eof and Connection reset errors specifically with Google services.
Hi @Gulce, welcome to the community !
Thank you for sharing the detailed description of the problem and the attempted solutions; it is very helpful for diagnosing the cause. Linux never gives me this headache, but in your case with Win11, the ideal is to use Mirrored Networking Mode. Accessing network applications with WSL | Microsoft Learn
Hello, thank you. The article you sent seems to be for Windows 11 users, but I’m using Windows 10. The application was working fine last week, why am I suddenly encountering this problem?
After days of debugging, I have finally resolved all connectivity issues (EAI_AGAIN, Client network socket disconnected, SSL routines::unexpected eof).
Since running Docker on Windows (WSL2) introduces specific network complexities (MTU size, DNS resets, IPv6 conflicts), I am sharing the complete step-by-step solution that worked for me. This includes resetting the Windows network stack, fixing WSL DNS, and optimizing the Docker Compose configuration.
Here is the full guide:
Step 1: Reset Windows Network Stack (Crucial)
Before touching Docker, clear any stale IP/DNS states in Windows. Open PowerShell as Administrator and run these commands in order:
netsh winsock reset
netsh int ip reset
ipconfig /flushdns
IMPORTANT: Restart your computer immediately after running these commands.
Step 2: Fix WSL DNS (Prevent Auto-Reset)
WSL2 tends to reset /etc/resolv.conf on every reboot, breaking DNS.
Open PowerShell and enter your Docker distro: wsl -d docker-desktop
Create/Edit /etc/wsl.conf to stop auto-generation:
[network]
generateResolvConf = false
Edit /etc/resolv.conf and manually set a reliable DNS:
nameserver 8.8.8.8
nameserver 8.8.4.4
Exit and restart WSL: wsl --shutdown
Step 3: Update docker-compose.yml
This step fixes the SSL Handshake and Packet Drop issues.
MTU 1200: Fixes the “Connection closed unexpectedly” error by preventing packet fragmentation.
Force TLS 1.2: Some corporate/ISP firewalls block TLS 1.3 packets inside Docker.
No Quotes: Do not use quotes for NODE_OPTIONS, or the container will fail to start.
My Working Configuration:
version: '3.8'
networks:
demo:
driver: bridge
driver_opts:
com.docker.network.driver.mtu: "1200" # <--- CRITICAL FIX for SSL Drops
services:
n8n:
image: n8nio/n8n:latest
restart: always
ports:
- "5678:5678"
networks:
- demo
environment:
- WEBHOOK_URL=https://my-domain.com/
- N8N_DISABLE_IPV6=true
# IMPORTANT: No quotes around the value below!
- NODE_OPTIONS=--dns-result-order=ipv4first --tls-max-v1.2
dns:
- 8.8.8.8
- 8.8.4.4
Step 4: Clean Docker Networks & Restart
Finally, remove any old cached networks and restart the stack. Run these commands in your project folder:
docker compose down
docker network prune # Press 'y' to confirm
docker compose up -d
Summary of Results
Google/Gmail Nodes: Now connecting instantly (Fixed via MTU 1200 & TLS 1.2).
AI Agent Nodes: Working perfectly (Note: If you get “Insufficient Quota” error here, check your OpenAI billing balance, it’s not a network error).
I hope this guide saves time for anyone else facing these specific Windows/WSL2 network headaches…
!
