[TriLUG] what could block port=3306?

Robert Dale robdale at gmail.com
Sat Jan 19 07:38:08 EST 2008


what are the firewall rules on lane?  `iptables-save`

On Jan 19, 2008 6:28 AM, Tom Roche <Tom_Roche at pobox.com> wrote:
>
> So I have a testbed for an application which essentially consists of 2
> LAMP boxes (call one "lane" and the other "server") behind a
> router/firewall. The latter forwards 22 (only) to one of the LAMP
> boxes. The 2 MySQLs need to communicate, so each box has 2 MySQL
> accounts={is4clane, is4cserver}, one to talk to itself, and the other
> for the other.
>
> Simple enough, but right now one box is blocking 3306. From either
> inside or outside the private network, I can do
>
> $ ssh user at lane
> ...
> user at lane:~$ telnet server 3306
> Trying server...
> Connected to server.
> ...
>
> but when I
>
> $ ssh user at server
> ...
> user at server:~$ telnet lane 3306
> Trying lane...
> telnet: Unable to connect to remote host: Connection refused
>
> Things I've checked:
>
> * I get the same behavior whether I SSH into the network from outside,
>    or whether I connect physically inside the firewall.
>
> * both boxes have the same connection to the firewall: both cable into
>    the same hub, which cables to the firewall.
>
> * there are no uncommented lines in any of
>    {server,lane}:/etc/hosts.{allow,deny}
>
> * both boxes are running the same 5.0.x version of MySQL installed by
>    the same vanilla Ubuntu Server Edition.
>
> * both {server,lane}:/etc/mysql/my.cnf have
>
>  > # Instead of skip-networking the default is now to listen only on
>  > # localhost which is more compatible and is not less secure.
>  > bind-address            = <local IP#/>
>
>    i.e. the IP# set in the box's /etc/network/interfaces
>
> * {server,lane} can connect to {lane,server} via ssh
>
> * mysqld is running on server and is locally connectable via
>    {is4cserver, is4clane}
>
> * mysqld is running on lane and is locally connectable via {is4clane,
>    is4cserver}
>
> + mysql can connect from lane to server as is4clane
>
> - mysql can't connect from server to lane as anything
>
> - port=3306 appears to be blocked on lane (as noted initially)
>
> How to fix? or what else to check?
>
> TIA, Tom Roche <Tom_Roche at pobox.com>
>
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>



-- 
Robert Dale



More information about the TriLUG mailing list