I am trying to connect to an external mysql server from a computer which is inside a vlan where my application will run. The remote server is not a member of the vlan. The following is what I have tried so far.
Mysql Port forwarding from my vlan server
ssh -L 3306:my-vlan-server-ip:3306 user-at-external-server#external-server-ip
In this case I get a ssh timeout message.
Tried to do it directly from my php mysql_connect I get mysql error #111 yet I have already edited the my.cnf as:
#skip-networking
bind-address =my-vlan-server-ip
My php db connect script
<?php
$conn=mysql_connect("external-server-ip","user","pass");
if($conn)
{
echo "success";
}
else
{
echo "fail";
}
?>
Kindly someone help.Let me know where I am going wrong. Thanks.
If I understand you correctly you are running the ssh client on the vlan server (=my-vlan-server-ip)?
The local tunnelling (-L) basicly forwards the first port to the given port on the given address, i.e -L 80:someserver:8080 forwards port 80 on the local machine to port 8080 on someserver... so if you want to connect to 3306 on the remote server via ssh you do:
ssh -L 3306:external-server-ip:3306 user-at-external-server#external-server-ip
(or just -L 3306:localhost:3306, localhost will then refer to the server to which you are connecting, ie external-server-ip)
localhost:3306 is then forwarded to external-server-ip:3306
in the php script running on my-vlan-server-ip you then connect to localhost:3306, which is then forwarded to external-server-ip by ssh...
Related
I have a MySQL database, hosted by me on a Windows server, and I would like to query it from a remote webserver. When I try to connect to the MySQL database using PHP (I know, I should be using mysqli):
$connection = #mysql_connect("203.0.113.0:3306", "username", "password");
With or without specifying the port, after a long time of loading, I get this error with an errorno of 2003:
Can't connect to MySQL server on '203.0.113.0' (4)
Here is what I get when I run netstat -n in command prompt on the server that is hosting the MySQL server: http://pastebin.com/pbRJNqCZ. It filled up the screen so I couldn't copy everything, but I know that everything else was (I saw a couple ports with a value of 3306, which is the MySQL port):
TCP 127.0.0.1:port 127.0.0.1:port ESTABLISHED
When I run netstat -a | find "LISTENING" I get: http://pastebin.com/Lqj2BrQK
Here's what I know so far:
It isn't an error with the MySQL server not being up, because I can connect to it locally.
It isn't an error with the webserver not being able to connect to MySQL databases, because I can connect to other databases
It isn't an authentication error (The username and password are correct, and the remote server has permission)
It isn't a port forwarding error, because the port 3306 is fowarded on both TCP & UDP.
It isn't an error with being able to connect to the machine the server is hosted on, because I can ping it fine.
The server isn't only listening on the localhost interface. skip-networking and bind-address are commented out in my my.cnf file.
How could I edit my connection code, or edit my MySQL server to fix this error?
Summarizing our discussion/chat:
Bind the network address 0.0.0.0 in my.cnf: bind-address = 0.0.0.0 and ensure skip-networking is commented out or not present.
Check netstat -a | find "LISTENING"
According to your pastebin there is a service listening on 3306. Test if the port is reachable on the NIC address from the server itself. This way an external firewall does not take effect. A simple test is to try a telnet connection to that port. More detailed information can be catched by the tool nmap. Nmap has displayed the mysql port as filtered. This adverts to a problem with a local packet filter, in this case the Windows firewall.
Ensure the Windows firewall is configured to allow public access to TCP port 3306 from all or a specific machine. Setup a rule in public profile or, if both servers are controled by the same domain controller, in domain profile. When the access from local machine is successful try the same from the remote web server.
If you fail to properly configure remote access to MySql port, consider to establish a SSH tunnel between the two machines. Once established you can access to MySql as if it were on the local machine. The port is then forwarded via the tunnel and on the database server side you can access the service on localhost loopback IP.
I am trying to connect to a remote mySQL server from a Godaddy hosting account.
$con = mysqli_connect("xx.xx.xx.xx","username","pass","db_name",'3306');
I am using the above code, but keep getting the following error back:
Can't connect to MySQL server on 'xx.xx.xx.xx' (110)
From the error it seems that it's trying to connect on port 110, even though I have specified 3306 as the port in the PHP call.
If the script resides on the same machine as the mysql server then change the ip address to 'localhost' and since you're using the default port you can drop that as well.
If your script is attempting to connect to a machine outside of your localhost, you may need to allow the ip either via iptables or the remote mysql host within cpanel.
i want to connect hosted server database through local server here is my code
<?php
$con=mysql_connect("myserverDbHostname","mydatabaseUsername","Password");
if($con)
{
echo "connect";
mysql_select_db("DatabaseName");
else
{
echo "not connect";
}
?>
when i run this file in local server (xammp server) it could n't be connect i get
Warning: mysql_connect() [function.mysql-connect]: Can't connect to
MySQL server on
i get "not connect" response
can any one guide me
Thanks for advance.
There a three things you need to connect to a remote database:
port 3306 open on the firewalls. Firewalls in server and client must open port 3306!
in my.cnf bind-address = 0.0.0.0 to let mysql bind to all interfaces
sufficient privileges in the database to allow remote connections
Virtual all hosting companies close port 3306 on the firewall, and do not allow direct remote access. And even if they do, you won't get privileges to connect to a database.
Only if the remote database is in your LAN, or you are using a VPS with root access you can configure things to make a remote connection.
I'm trying to access a MySQL database on server X from a php script on server Y. Both are dedicated cPanel servers that I have root access to. Here's what I've tried:
On server X I put the IP address of server Y in the "Additional MySQL Access Hosts" feature of WHM.
On server X I logged into the cPanel for the account hosting the database I'm trying to connect to and I entered server Y's IP on the "Remote Database Access Hosts" page.
On server X I whitelisted server Y's IP in the firewall and opened incoming/outgoing port 3306 TCP.
On server X I added server Y's IP address to the /etc/hosts.allow file
Despite all of these things I've tried, whenever I try to run the script on server Y I get the timeout message:
Warning: mysql_connect() [function.mysql-connect]: Lost connection to MySQL server at 'reading initial communication packet', system error: 110
This is my PHP code:
$host = '123.456.789.0'; //server X's IP
$db = 'user_test';
$user = 'user_test';
$pass = 'password';
if(mysql_connect($host, $user, $pass)){
mysql_select_db($db);
}
else die(mysql_error());
Thanks!
Not sure how much of a help it will be, but try to open my.cnf and replace the bind-address setting (127.0.0.1 OR localhost) with your live server ip.
Have you contacted your hosting provider to see if they can help?
Is there a firewall on the linux machine you're connecting to?
Did you test your my.cnf file with 127.0.0.1 and localhost?
What version of MySQL are you running on both machines? Can you upgrade them?
I've got a web server with one host, and I'd like to use the database on another host.
I'd like to use port forwarding to do this, and have already set up the forwarded port using
ssh -P -fg -L23307:myserver.net:3306 myname#myserver.net sleep 1d
This seems to be working properly (although if someone could tell me how to check, that would be great), but I can't get PHP to connect to MySQL through that port - it keeps trying to connect to its own local MySQL database (which isn't running).
$mlink = mysql_connect( "localhost:23307", "myusername", "mypassword" );
mysql_select_db( 'mydatabase', $mlink ) or die ( "Error - cannot connect to database localhost:23307.<br />Error: ".mysql_error() );
As you can see, I'm not doing anything that complicated, so why does it keep trying to connect locally?
So, turns out the answer was "don't trust people when they say they've opened the port on the firewall".
Anyone want a job?
I faced the same issue. But there was no firewall problem involved. In fact, when you are doing SSH tunneling, you need not have to change any firewall setting.
I solved it by changing 'localhost' to '127.0.0.1' in the mysql_connect() parameter list.
Refernce link - https://blog.rjmetrics.com/2009/01/06/php-mysql-and-ssh-tunneling-port-forwarding/
Excerpt -
Connecting via MySQL
It’s time to see all of our hard work pay off. From our local machine, we simply issue the following command:
$mysql -u sqluser -p -h 127.0.0.1 -P 3307
Notice that the MySQL host is 127.0.0.1, which is the same as the bind-address value on the remote server’s my.cnf file. It’s important that we use this value and not localhost, since we are ultimately accessing a forwarded TCP port, and specifying localhost causes MySQL to ignore TCP altogether and simply connect to the local server via a local socket. Accordingly, notice that we have specified port 3307 to make the connection; this is the TCP port we are forwarding.