mysql over TCP and far out PIDs
Jamon Camisso
jamon.camisso-H217xnMUJC0sA/PxXw9srA at public.gmane.org
Thu Feb 20 03:59:16 UTC 2014
On 19/02/14 04:30 PM, Darryl Moore wrote:
> coool, I never knew about ss. Thx.
>
> Using it I see:
> # ss -l -n -p | grep mysql
> LISTEN 0 50 *:3306 *:* users:(("mysqld",9248,10))
>
> Which matches the PID and shows mysql is listening
> # ps ax | grep mysql
> 9248 ? Ssl 0:02 /usr/sbin/mysqld
> 9310 pts/1 S+ 0:00 tail -f /var/log/mysql/error.err
> 10691 pts/2 S+ 0:00 grep --color=auto mysql
>
> Yeah.
>
> But I still get that error when I try to log in via TCP
Are you using mysql -h 127.0.0.1 -u user dbname to login? Telnet is only
able to report what MySQL tells it, which is that it is listening on
127.0.0.1:3306 and that MySQL has closed the connection in your example
below.
I would use a proper MySQL client, even if telnet seems good enough.
> It's not a mysql user permission issue. Besides the fact that all
> servers are set up the same, I can telnet into that port with two very
> different results.
>
> # telnet 127.0.0.1 3306
> Trying 127.0.0.1...
> Connected to 127.0.0.1.
> Escape character is '^]'.
> Connection closed by foreign host.
>
> Boom. She dies right away on my broken machines, but on the one that
> works, get this:
>
> telnet localhost 3306
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> [
> 5.5.35-0ubuntu0.12.04.2T��JL{J?>X���6/(vA~wZ;Z2+mysql_native_password
>
> ...so it wants a password which is what I world expect.
>
>
> So why does mysql listen on the port but then immediately close the
> connection?
Have you tried on ::1 - I'm not sure how MySQL works with IPv6, but if
you don't specify an address, and MySQL does indeed have IPv6 enabled,
you could try that as a different method to to test connections to
localhost. Check your /etc/hosts and you'll see that localhost resolves
to both 127.0.0.1 and ::1 depending on if traffic is IPv4 or IPv6.
Again, I do not know if MySQL does IPv6 by default.
You could also bind to another interface and try that.
Eliminate localhost/127.0.0.1/::1 altogether and try binding to an
address on a temporary private VLAN and see if that works. It should not
until you explicitly grant permission.
> Looking further with tcpdump I see the following on the server that works.
<snip>
> Very baffling. Thanks for all the responses so far, and the corrections
> on using netstat. I'll continue looking into this. Any other insights
> would be most welcome.
Last question: firewall? If iptables is involved, what do: 'iptables
-nvL' and 'iptables -t nat -nvL' show?
Cheers, Jamon
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list