I have a MySQL server running on Debian (Server version: 5.5.60-0+deb8u1 (Debian)). Everything worked fine until rebooting the server. Now I can only connect to my MySQL server via localhost, whereas via 127.0.0.1 doesn't work:
$ mysql -h 127.0.0.1 -u root -p gives me ERROR 2013 (HY000): Lost connection to MySQL server at 'reading initial communication packet', system error: 0
I have port 3306 open in the firewall and the server seems to be listening on 3306:
$ netstat -plnt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 20877/mysqld
Connecting to 3306 with telnet doesn't seem to work, neither (for both localhost and 127.0.0.1):
$ telnet 127.0.0.1 3306
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
In my my.cnf I have bind-address = 127.0.0.1, which shouldn't be the problem...
In /etc/hosts there are these lines
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
I am just not able to find the error, do you have any ideas?
It turned out that TCP-Wrappers were denying the connection to 127.0.0.1. Solved by adding mysqld: 127.0.0.1 to the /etc/hosts.allow-file.
I'm following this tutorial for Master-slave-replication
for my database replication and this working fine for test servers in which both servers have not ssl installed. But when I trying to do the same with my production server where only master has ssl installed not slave server, I'm getting this error Slave I/O: error connecting to master 'server-ipaddress:3306' - retry-time: 60 retries: 86400, Error_code: 2003. Is this problem of ssl connection or something else.
Also when setting up mysql configuration on master server after taking dump file of database and unlocking tables my mysql server shut down with my website showing this error error establishing database connection after restarting mysql my website working fine again.
My master server is running on nginx server with wordpress installed and I have also checked that 3306 is listening on my master server.
Why my slave unable to connect to my master server, any solution?
You can use command below to check the ip address mysql server is listening
netstat -nlt | grep 3306
sample result:
tcp 0 0 xxx.xxx.xxx.xxx:3306 0.0.0.0:* LISTEN
If the result showing same result like me then add a replication master user to access the server database.
If netfilter firewall is enabled (sudo ufw enable) on mysql server machine, do the following to open port 3306 for remote access:
sudo ufw allow 3306
check status again :
sudo ufw status
You will see your tcp port for 3306 is open for connection from anywhere. Now you try to connect from slave server you will get the result.
i solved like this:
sudo iptables -I INPUT 1 -p tcp -s ipmaster --dport 3306 -j ACCEPT
sudo iptables -I INPUT 2 -p tcp --dport 3306 -j DROP
MySQL remote access
I have a mysql database, running on Ubuntu Server 12.04 that I need to access remotely. For some reason this is become much more of a chore than I think it should be.
I have been through countless threads trying to resolve this issue with no luck what so ever. I do not have another linux box to test my connection. I am only using the MySQL Workbench from a Window 7 machine.
Here is what I have done so far:
set the iptables to accept
set the my.cnf to have the bind address of the server
created a user for both localhost and %
grant all to those users
restarted mysql
verified the user has all priv
verified mysql is listening on 3306
give the correct setting to Workbench and I get
"Your connection attempt failed for user 'USER' from your host to server at x.x.x.x:3306:
Can't connect to MySQL server on 'x.x.x.x' (10061)"
EDIT: I did notice that it show 'localhost and NOT the ipaddress when I run this cmd, but i'm not sure how to change that, or if it is even the issue. Thoughts?
# lsof -i -P | grep :3306
mysqld 5775 mysql 10u IPv4 154265 0t0 TCP localhost:3306 (LISTEN)
vim /etc/mysql/my.cnf
Change the following line to reflect as below:
(bind-address = 127.0.0.1)
bind-address = 0.0.0.0
Close the file then and restart mysql
To verify that mysql port 3306 is listening on all interfaces:
netstat -lnt | grep 3306
You should see this:
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
Find mysql config file (/etc/mysql/)
comment out the following line by putting a hash character in front of it as shown -> #bind-address = 127.0.0.1
-> Restart the server: sudo service mysql restart
This question is related to the following questions:
Can't connect to MySQL server error 111
Trying to connect to remote MySQL host (error 2003)
I am configuring a new MySQL (5.1) server on my local machine. I need to provide remote access to the database. I did the following steps:
Comment bind-address in my.cnf:
# bind-address = 192.168.1.3
Grant privileges:
GRANT ALL PRIVILEGES ON *.* TO 'nickruiz'#'%' IDENTIFIED BY PASSWORD 'xxxx';
Set port forwarding on router (TCP and UDP, port 3306, 192.168.1.3)
Configure iptables for firewall
sudo iptables -I INPUT -p udp --dport 3306 -j ACCEPT
sudo iptables -I INPUT -p tcp --dport 3306 --syn -j ACCEPT
sudo iptables-save
Restart mysql server sudo /etc/init.d/mysql restart
When testing, I get the following:
LAN:
mysql -h 192.168.1.3 -u nickruiz -p
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 95
Server version: 5.1.63-0ubuntu0.11.04.1 (Ubuntu)
Remote:
mysql -h 1xx.xx.4.136 -u nickruiz -p
ERROR 2003 (HY000): Can't connect to MySQL server on '1xx.xx.4.136' (111)
Clearly there's something wrong that's preventing me from being able to use my global IP address.
Notes:
I've tried testing the remote connection on the same machine and also
via SSH from a remote machine.
I'm not sure if my ISP has given me a static IP.
Any ideas?
Update:
telnet doesn't seem to be working.
telnet 192.168.1.3 3306
Trying 192.168.1.3...
Connected to 192.168.1.3.
Escape character is '^]'.
E
5.1.63-0ubuntu0.11.04.1,0g8!:#pX;]DyY0#\)SIConnection closed by foreign host.
Please check your listenning ports with :
netstat -nat |grep :3306
If it show
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
Thats is ok for your remote connection.
But in this case i think you have
tcp 0 192.168.1.3:3306 0.0.0.0:* LISTEN
Thats is ok for your remote connection.
You should also check your firewall (iptables if you centos/redhat)
services iptables stop
for testing or use :
iptables -A input -p tcp -i eth0 --dport 3306 -m state NEW,ESTABLISHED -j ACCEPT
iptables -A output -p tcp -i eth0 --sport 3306 -m state NEW,ESTABLISHED -j ACCEPT
And another thing to check your grant permission for remote connection :
GRANT ALL ON *.* TO remoteUser#'remoteIpadress' IDENTIFIED BY 'my_password';
errno 111 is ECONNREFUSED, I suppose something is wrong with the router's DNAT.
It is also possible that your ISP is filtering that port.
Check that your remote host (i.e. the web hosting server you're trying to connect FROM) allows OUTGOING traffic on port 3306.
I saw the (100) error in this situation. I could connect from my PC/Mac, but not from my website. The MySQL instance was accessible via the internet, but my hosting company wasn't allowing my website to connect to the database on port 3306.
Once I asked my hosting company to open my web hosting account up to outgoing traffic on port 3306, my website could connect to my remote database.
/etc/mysql$ sudo nano my.cnf
Relevant portion that works for me:
#skip-networking
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
bind-address = MY_IP
MY_IP can be found using ifconfig or curl -L whatismyip.org |grep blue.
Restart mysql to ensure the new config is loaded:
/etc/mysql$ sudo service mysql restart
I had the same problem trying to connect to a remote mysql db.
I fixed it by opening the firewall on the db server to allow traffic through:
sudo ufw allow mysql
if the system you use is CentOS/RedHat, and rpm is the way you install MySQL, there is no my.cnf in /etc/ folder, you could use:
#whereis mysql
#cd /usr/share/mysql/
cp -f /usr/share/mysql/my-medium.cnf /etc/my.cnf
I have got a same question like you, I use wireshark to capture my sent TCP packets, I found when I use mysql bin to connect the remote host, it connects remote's 3307 port, that's my falut in /etc/mysql/my.cnf, 3307 is another project mysql port, but I change that config in my.cnf [client] part, when I use -P option to specify 3306 port, it's OK.
i set my bind-address correctly as above but forgot to restart the mysql server (or reboot) :) face palm - so that's the source of this error for me!
Sometimes when you have special characters in password you need to wrap it in '' characters, so to connect to db you could use:
mysql -uUSER -p'pa$$w0rd'
I had the same error and this solution solved it.
I had this same error and I didn't understand but I realized that my modem was using the same port as mysql. Well, I stop apache2.service by sudo systemctl stop apache2.service and restarted the xammp, sudo /opt/lampp/lampp start
Just maybe, if you were not using a password for mysql yet you had, 1045 (28000): Access denied for user 'root'#'localhost' (using password: YES), then you have to pass an empty string as the password
Not sure as cant see it in steps you mentioned.
Please try FLUSH PRIVILEGES [Reloads the privileges from the grant tables in the mysql database]:
flush privileges;
You need to execute it after GRANT
Hope this help!
We are facing a strange problem from last few days between our application server and database server(Mysql): connection to database server from application server hangs in SYN_SENT state and after that we are not able to make any connection to database server on mysql port(3306). When we checked the netstat output on database server its in SYN_RECV state.
What I can figure out is mysql server is receiving the SYN request and responding also and its not reaching to the client hence SYN_RECV at server side and SYN_SENT at client side. I think SYN_SENT state should go after some time and because of this other db connection attempts to same server should not hang.
Does anybody have any idea how can we resolve this issue?
Out setup details : Application server: RHEL 5.4, kernel-release = 2.6.18-164.el5, x86_64 Database server: Mysql Version : 5.1.49 RHEL 5.4, kernel-release = 2.6.18-164.el5, x86_64
Fix for server with only localhost access:
set 127.0.0.1 in the bind address in my.cnf
Fix for connection to remote ip's
(REMOTE_IP replace with remote ip)
iptables -A INPUT -p tcp -d 127.0.0.1 --dport 3306 -s REMOTE_IP -j ACCEPT
iptables -A INPUT -p udp -d 127.0.0.1 --dport 3306 -s REMOTE_IP -j ACCEPT
iptables -A INPUT -p tcp --dport 3306 -j DROP
iptables -A INPUT -p udp --dport 3306 -j DROP
Also you need to set bind ip in my.cnf to 0.0.0.0. Second rule you don't need, I just made it to be sure ;) (udp part)
Proof of concept:
first allow the connection from remoteip to the destination (-d 127.0.0.1 = localhost)
-p tcp / udp = protocoll tcp or udp
after this rules you need to make a rule to drop all requests to tcp / udp connections to port 3306.
Why is this working:
Because iptables is going is "numeric". Always 1 rule after another.
you can see your rules with the command:
iptables -L INPUT -n --line-numbers
the first rule which is displayed is the first rule so if you say accept all connections and afterward drop from ip x.x.x.x all connections then it doesn't work.
you need to pick as first rule to drop all connections from this ip and afterwards allow all connections. (it's a bad example..)
if you failed an entry you can display your rules and take the number in front of the rule and drop the rule with the command:
iptables -D INPUT <<number here>>