Trying to connect to remote MySQL host (error 2003)

hellsgate picture hellsgate · Apr 19, 2011 · Viewed 74.8k times · Source

I have a MySQL instance running on a Debian server and I can connect to it locally with no problems. However, I am unable to connect to it remotely. When I try this from my command line I get the following error:

ERROR 2003 (HY000): Can't connect to MySQL server on '<server-ip>' (110)

I've added the user to mysql as 'user'@'*' and 'user'@'localhost'. skip-networking in this server is set to false and the bind-address is commented out in my.cnf. I've also attempted to open port 3306 in iptables using the following command:

/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT

Here is a listing of all my iptable firewall rules, which I retreived using iptables -L:

Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
REJECT     tcp  --  anywhere             anywhere            tcp dpt:auth reject-with icmp-port-unreachable 
ACCEPT     icmp --  anywhere             anywhere            icmp type 8 code 0 state NEW,RELATED,ESTABLISHED,UNTRACKED 
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:65535 dpt:ftp state NEW 
ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:65535 dpt:ssh state NEW 
ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:65535 dpt:www state NEW 
ACCEPT     tcp  --  <my-server>          anywhere            tcp spts:1024:65535 dpt:mysql state NEW 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:49152:65534 state NEW 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql 
LOG        all  --  anywhere             anywhere            limit: avg 5/min burst 5 LOG level debug prefix `iptables denied: ' 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql 
LOG        tcp  --  anywhere             anywhere            tcp dpt:mysql LOG level debug 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Does anyone have any idea where I should go from here?

Answer

Mike Pennington picture Mike Pennington · Apr 19, 2011

Based on your response, you need to find if there is a device between you and the server that blocks your connection. You should also ensure that you can telnet to 3306 on that server's ethernet address when logged into the server... if not, you probably have not got the service bound to the ethernet in my.cnf... see the bind-address parameter.