tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
TencentDB for MySQL
    Documentation
    Download PDF

    Public Network Connection Failed

    Last updated: 2023-12-27 10:36:15
    Download PDF

      Symptom

      Failed to connect to an instance via the MySQL public network address from a CVM or third-party application.
      Note:
      There are various methods to connect to a TencentDB for MySQL instance, including connecting through private network, public network, or CCN, each requiring different connection conditions. For instance, if you attempt to connect to TencentDB for MySQL instance through a public network but you entered the instance's private network address in the command line, the connection will fail. Similarly, if you are using a Lighthouse instance to connect directly to TencentDB for MySQL without going through CCN, the connection will also fail. Therefore, in case of a connection failure, we recommend you first refer to the connection methods and application scenarios in Getting Started > Connecting to MySQL Instances > Overview to check whether you are adopting a proper connection method.

      Causes

      Possible Causes
      Description
      The password is incorrect.
      The configuration for CVM security group is incorrect.
      The configuration of MySQL security group is incorrect.
      The database account has restricted the access to specific host addresses.
      The connection command is incorrect.
      The IP and port in the command line or configuration file are incorrect.
      The MySQL instance's disk is full; maximum connections have been reached; the timeout parameter setting is incorrect; a master/slave switch is undergoing, or other possible issues.
      MySQL Instance Operating Status Issues
      The MySQL instance is in isolation. It can be restored from the Recycle Bin.
      CVM Instance Status Issues
      The CVM instance is in isolation or shut down. It can be restored or powered on through the Console.

      Solution

      1. Locate the cause through a check tool. The TencentDB console provides a one-click connection check tool to help locate the possible causes of connection failures, allowing you to, based on the prompts, make modifications before reconnecting to the instance.
      2. Self-Check If the One-Click Connection Check tool fails to locate the problem, or if you require solutions to the potential causes, you may locate the cause by yourself according to the following failure causes.

      Processing Steps

      I. Utilizing the One-Click Connection Check Tool to Locate the Cause and Implementing Corresponding Actions

      1. Log in to the TencentDB for MySQL console, choose the instance to be checked, and click the instance ID to access the instance management page.
      2. On the instance management page, navigate to Connection Check > Public Network Check.
      Note:
      To distinguish between private and public network addresses, please refer to the basic information on the instance details page.
      3. Add public network servers that access this MySQL instance.
      4. After the addition, click Start Check. A check report will be generated once the check task is completed.
      5. Based on the check report, locate the issue, make adjustments according to the recommendations, and then reconnect to MySQL.
      Check Items
      Exception Handling
      MySQL Instance Status
      It is detected that your MySQL instance has been terminated. You can restore it from the Recycle Bin.
      Public network access status
      It is detected that your MySQL instance does not enable the public network access. To enable public network access, please refer to Enabling Public Network Access.
      

      II. If the tool check fails to resolve the issue, consider the following causes.

      Password issue: The password is incorrect.

      If the password used during the connection is incorrect, you can either reset your password or create a temporary account with necessary permissions to log in the database.

      Security group configuration issue 1: The CVM security group configuration is incorrect.

      To use a CVM to connect to MySQL, you need to configure outbound rules in the CVM's security group.When the outbound rule target is not set to 0.0.0.0/0 and the protocol port is not set to ALL, you need to add the private IP and port of the MySQL into the outbound rules.
      1. Log in to the Security group console, click the name of the security group to access the details page of the security group assigned to the CVM.
      2. Choose the Outbound Rules tab and click Add Rule. Choose MySQL(3306) for the "Type", enter your MySQL's private IP address(range) for "Destination", and select "Allow" for "Policy".

      Security group configuration issue 2: The MySQL security group configuration is incorrect.

      To connect a specific CVM to a MySQL instance, you must configure inbound rules in the MySQL's security group.When the inbound rule source is not set to 0.0.0.0/0 and the protocol port is not set to ALL, you need to add the CVM's IP and port into the inbound rules.
      1. Log in to the Security group console and click the security group name to enter the details page of the security group bound to the MySQL.
      2. Choose the Inbound Rules tab and click Add Rule.Enter the IP addresses you wish to allow for connection as well as the required port information (MySQL's private port), select "Allow" to release the IP port access. For "Type", select MySQL(3306); for "Source", enter your CVM's public IP address(range); for "Policy", select "Allow".

      **Issues related to the host addresses authorized by account: The database account has restricted the access to specific host addresses.

      In addition to the security group, subnet, and other network environment restrictions, the database account is also subject to constraints imposed by the MySQL account system itself. If a database account specifies certain host addresses, connections from other addresses to MySQL will be denied. You can enhance the security of your database connection by using the TencentDB for MySQL console to modify the host addresses authorized by the database account.
      1. Log in to the TencentDB for MySQL console, select an instance ID from the instance list to enter the instance management page.
      2. Navigate to DMC > Account Management, locate the account for which host modification is required, and in the Operation column, choose More > Modify Host.
      3. In the pop-up dialog box, enter the new host address and click OK to modify the host address authorized to the account.
      Note:
      The host address can be an IP or % (indicating no limits on the IP range).Multiple hosts should be separated using a line break, space, or the symbols ; , |.
      Example 1: Entering
      Example 2: Entering 10.5.10.%, indicates that the clients within the 10.5.10.%IP range are allowed to use this account to connect to the database.

      Connection syntax issue: The connection command is incorrect.

      Please verify the correctness of the connection command. Please refer to the standard command for a public network connection:
      mysql -h <public IP address> -u <username, default is root> -P <public port number> -p
      <public IP address>: Replace it with the public network address of the target TencentDB for MySQL instance, which can be viewed on the instance details page in the TencentDB for MySQL console.
      <username, default is root>: Replace it with the account name of your target MySQL instance. The default account name is root.
      <public port number>: Replace it with the public port number of the target MySQL instance, which can be viewed on the instance details page in the TencentDB for MySQL console.

      IP and port issue: The IP address or port in the command line or configuration file is incorrect.

      When attempting to connect to the database using a command, ensure that the public IP and port number of the instance are correct. These can be viewed on the instance details page in the TencentDB for MySQL console.
      

      MySQL instance issue: The MySQL instance's disk is full. The maximum connections have been reached. The timeout parameter setting is incorrect. A master/slave switch is undergoing.

      If the MySQL instance disk is full, it may affect database connectivity. It's recommended to expand the disk capacity. For the procedure, please refer to Adjusting Database Instance Specification.
      When the error message "ERROR 1040(00000): Too many connections" is displayed, it indicates that the maximum number of connections for the current CDB instance has been reached. Common causes and solutions are as follows: i. If there are too many sleep threads, it's advised to decrease the values of the wait_timeout and interactive_timeout parameters via the console. For details, please refer to Setting Instance Parameters. ii. If there are few sleep threads and no slow query accumulation, it's suggested to increase the value of the max_connections parameter via the console. For details, please refer to Setting Instance Parameters.
      Check whether the MySQL instance is in a "master-slave switch state", as connection attempts will fail if the MySQL instance is in the middle of a master-slave switch. After the switch has completed, connect using the command again.
      
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy