I have set up MongoDB Atlas. I have also configured VPC peering from MongoDB Atlas to my AWS VPC. I have allowed the VPC CIDR in the IP access list on MongoDB Atlas, and it's working fine.

I also have a client VPN endpoint, which I am using to connect to the AWS VPC via a secure tunnel. I have also allowed my client VPN private IP range in the MongoDB Atlas IP access list, but I am unable to connect to the MongoDB Atlas endpoint.

I tried to dig down further and performed these steps:

  • resolve hostname from SRV record:

    nslookup -type=SRV _mongodb._tcp.clusterx.xxxxxxxxxx.mongodb.net

  • ping the hostname

    ping clusterx-shard-xx-xx.xxxxxx.mongodb.net

When trying the ping from the AWS VPC, it resolves to the private IP of that hostname, but when I try to ping the hostname from local, it resolves to the public IP of that hostname. That was the reason I was unable to connect to the MongoDB Atlas endpoint from my local.

Is there any way to make the MongoDB connection work with the private IP from my local? Any suggestion/help is appreciated.

Deependra Dangal
  • Good question, it seems you did RCA and identified the issue with DNS resolution of your VPN client. The fix could be as easy as changing the nameserver in your local network setup when you are connected via VPN. I would double-check that IP resolution is the problem first. Get the local IP from the ping command and try to ping by IP from your laptop. It should prove connectivity on the network level and will confirm the issue is with the nameserver. – Alex Blex Aug 24 '23 at 08:01
  • Actually, I am not sure if updating the AWS VPC nameserver in the local network helps. Do you know how I can get the AWS VPC nameserver? – Deependra Dangal Aug 24 '23 at 14:55
  • https://linux.die.net/man/1/dig https://linux.die.net/man/1/nslookup or similar from within VPC where the name is properly resolved to local IP. – Alex Blex Aug 24 '23 at 15:10
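
The comparison described in the question (SRV lookup, then checking what each shard hostname resolves to from the VPC and from the VPN client) can be scripted as below. This is an added example, not part of the original post or comments; the function names, hostnames, addresses and the `ATLAS_CIDR` value are constructed assumptions.

```python
import ipaddress
import re
import socket

# Matches the "service = <prio> <weight> <port> <target>." lines of nslookup SRV output.
SRV_LINE = re.compile(r"service\s*=\s*\d+\s+\d+\s+(\d+)\s+(\S+?)\.?\s*$")

def parse_srv_targets(nslookup_output):
    """Return [(host, port), ...] from `nslookup -type=SRV` output."""
    return [(m.group(2), int(m.group(1)))
            for m in map(SRV_LINE.search, nslookup_output.splitlines()) if m]

def system_resolve(host):
    """IPv4 addresses as seen by whatever resolver this machine currently uses."""
    return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None, socket.AF_INET)})

def check_hosts(targets, atlas_cidr, resolve=system_resolve):
    """Map host -> [(address, inside_peered_range)] for every SRV target."""
    net = ipaddress.ip_network(atlas_cidr)
    return {host: [(a, ipaddress.ip_address(a) in net) for a in resolve(host)]
            for host, _port in targets}

def hosts_bypassing_peering(report):
    """Hosts with no address, or with any address outside the peered range."""
    return sorted(h for h, addrs in report.items()
                  if not addrs or not all(inside for _a, inside in addrs))

# --- constructed sample data (not real cluster names or addresses) ---
SAMPLE_SRV = """\
_mongodb._tcp.cluster0.example.mongodb.net\tservice = 0 0 27017 cluster0-shard-00-00.example.mongodb.net.
_mongodb._tcp.cluster0.example.mongodb.net\tservice = 0 0 27017 cluster0-shard-00-01.example.mongodb.net.
"""
ATLAS_CIDR = "192.168.248.0/21"  # assumed Atlas-side CIDR of the peering connection
VPC_VIEW = {"cluster0-shard-00-00.example.mongodb.net": ["192.168.248.10"],
            "cluster0-shard-00-01.example.mongodb.net": ["192.168.249.11"]}
VPN_CLIENT_VIEW = {"cluster0-shard-00-00.example.mongodb.net": ["203.0.113.10"],
                   "cluster0-shard-00-01.example.mongodb.net": ["203.0.113.11"]}

if __name__ == "__main__":
    targets = parse_srv_targets(SAMPLE_SRV)
    for name, view in (("VPC", VPC_VIEW), ("VPN client", VPN_CLIENT_VIEW)):
        report = check_hosts(targets, ATLAS_CIDR, resolve=lambda h: view.get(h, []))
        print(name, "->", hosts_bypassing_peering(report) or "all hosts resolve inside peering")
```

Against a live cluster, feed `parse_srv_targets` the real `nslookup -type=SRV` output and call `check_hosts` with the default resolver once from a VPC host and once from the VPN client; any host listed by `hosts_bypassing_peering` on the VPN client is being resolved by a nameserver that does not return the private address.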

0 Answers