0

I'm having problems accessing my Amazon RDS MySQL Database from my server.

I get this:-

[Thu Sep 22 13:45:33 2011] [error] [client xx.xx.xx.xx] PHP Warning:  mysqli::mysqli() [<a href='function.mysqli-mysqli'>fqli-mysqli</a>]: (HY000/2003): Can't connect to MySQL server on 'xxxx-1.rds.amazonaws.com' (110) xxx.php on line 22, referer: xxx**

I've tried manually accessing via cmdline on server with:-

mysql -h xxxx.rds.amazonaws.com -p --port=3306

It then asks for a password - which I put in, and it hangs and says

ERROR 2003 (HY000): Can't connect to MySQL server on 'xxxx.rds.amazonaws.com' (110)

Is this a port and/or firewall related problem? If so, what should I be addressing?

Is it because I'm already running a MySQL server on this box, on port 3306?

Eric Hammond
  • it looks to me as though you have an ACL / policy in RDS that only allows a certain IP – jschorr Sep 22 '11 at 13:05
  • Belongs on serverfault. – Lightness Races in Orbit Sep 22 '11 at 13:06
  • Hi james - thanks for the thought - it is actually allowed as IP in the security group of RDS. Not so much thanks to Tomalak. –  Sep 22 '11 at 13:10
  • For those interested - turned out to be firewall blocking outbound 3306. Thanks for those who tried to help. – waxical Sep 23 '11 at 08:22
  • Why "not so much thanks to Tomalak"? He pointed out that this belongs on ServerFault, which is true, and beneficial because you'll get better answers here. No need to be rude by implying he's not being helpful - he was being helpful. – ceejayoz Nov 07 '11 at 05:38

4 Answers

3

Possible reasons are:

- Firewall is blocking access to port 3306
- database server is not running on default port (3306)
- the MySQL daemon is configured to accept connections only from localhost, not from remote host. (can be tested by "netstat -ntlp").

Farhan
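The causes listed in this answer can be told apart from the client side by the errno of a plain TCP connect; the (110) in the question's error is ETIMEDOUT on Linux, which points at dropped packets rather than a closed port. The following is an added example, not code from the thread, and the names `classify`, `probe` and `diagnose` are hypothetical:

```python
import errno
import socket
import sys

# Likely cause for each errno a failed TCP connect can return.
# On Linux ETIMEDOUT is 110, the code shown in the question's error.
CAUSES = {
    errno.ETIMEDOUT: "timeout: packets silently dropped; check firewalls and "
                     "security groups in both directions (client egress too)",
    errno.ECONNREFUSED: "refused: host answered but nothing listens on that "
                        "port (wrong port, or daemon bound to localhost only)",
    errno.EHOSTUNREACH: "unreachable: no route to host",
    errno.ENETUNREACH: "unreachable: no route to network",
}


def classify(err):
    """Turn the result of probe() into a one-line diagnosis."""
    if err is None:
        return "open: TCP handshake completed; look at MySQL accounts/grants"
    if isinstance(err, socket.gaierror):
        return "dns: hostname did not resolve"
    if isinstance(err, (socket.timeout, TimeoutError)):
        return CAUSES[errno.ETIMEDOUT]
    return CAUSES.get(err.errno, "other: %s" % err)


def probe(host, port=3306, timeout=5.0):
    """Attempt one TCP connect; return None on success, else the OSError."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return None
    except OSError as exc:
        return exc


def diagnose(host, port=3306, timeout=5.0):
    return classify(probe(host, port, timeout))


if __name__ == "__main__":
    # Usage: python3 probe.py <endpoint> [port]
    if len(sys.argv) < 2:
        sys.exit("usage: probe.py <endpoint> [port]")
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 3306
    print(diagnose(sys.argv[1], port))
```

Run it from the host that cannot connect: a "timeout" result with the client's IP already allowed in the RDS security group leaves the client's own outbound rules as the next thing to check.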
0

I think the security group of your EC2 instance must have outbound {All TCP} and select destination anywhere or to your IP

0

I had the same problem trying to connect to a remote mysql db.

I fixed it by opening the firewall on the db server to allow traffic through:

sudo ufw allow mysql
Dan King
-1

RDS servers are not publicly accessible. If you try to ping the endpoint URL, you will see that it returns a private (local address on the DB subnet) IP and not a public IP.

Since you can't attach an Elastic IP to RDS (and you shouldn't since it would be attached to the network interface and not the connection endpoint) you have two options for accessing RDS remotely.

A) Use an SSH tunnel
B) Create a VPC with a public subnet and use Network Address Translation to route connections to the private subnet. You should route the connection through an Elastic Load Balancer to avoid a single point of failure.

user171638
  • This is wrong. RDS instances outside a VPC get a publicly accessible endpoint (that's secured with security groups). – ceejayoz Apr 29 '13 at 11:51
  • You can now also "To use public connectivity, simply create your DB Instances with the Publicly Accessible option set to yes. With Publicly Accessible active, your DB Instances within a VPC will be fully accessible outside your VPC by default." – Alistair Prestidge Jul 21 '14 at 14:50