Remote Server can't access RDS Database

mysql php amazon-web-services amazon-rds rds

5,353

Possible reasons are - Firewall is blocking access to port 3306 - database server is not running on default port (3306) - the MySQL daemon is configured to accept connections only from localhost, not from remote host. (can be tested by "netstat -ntlp").

5,353

Author by

Eric Hammond

On Alestic.com Eric writes practical, technical articles about Amazon Web Services (AWS). Amazon has recognized Eric Hammond as an AWS Hero. Eric Hammond has been building technology and technology teams since 1996, growing early stage startups including Archer, Rent.com, Stamps.com, and Citysearch. Follow Eric Hammond on Twitter.

Updated on September 18, 2022

Comments

Eric Hammond over 1 year
I'm having problems accessing my Amazon RDS MySQL Database from my server.

I get this:-
```
[Thu Sep 22 13:45:33 2011] [error] [client xx.xx.xx.xx] PHP Warning:  mysqli::mysqli() [<a href='function.mysqli-mysqli'>fqli-mysqli</a>]: (HY000/2003): Can't connect to MySQL server on 'xxxx-1.rds.amazonaws.com' (110) xxx.php on line 22, referer: xxx**
```
I've tried manually accessing via cmdline on server with:-

mysql -h xxxx.rds.amazonaws.com -p --port=3306

I then asks for password - which I put in, and it hangs and says

ERROR 2003 (HY000): Can't connect to MySQL server on 'xxxx.rds.amazonaws.com' (110)

Is this a port and/or firewall related problem? If so, what should I be addressing?

Is it because I'm already running a mysql srvr on this box, on port 3306?
- jschorr over 12 years
  
  it looks to me as though you have an ACL / policy in RDS that only allows a certain iP
- Lightness Races in Orbit over 12 years
  
  Belongs on serverfault.
- Admin over 12 years
  
  Hi james - thanks for the thought - it is actually allowed as IP in the security group of RDS. Not so much thanks to Tomalak.
- waxical over 12 years
  
  For those interested - turned out to be firewall blocking outbound 3306. Thanks for those who tried to help.
- ceejayoz over 12 years
  
  Why "not so much thanks to Tomalak"? He pointed out that this belongs on ServerFault, which is true, and beneficial because you'll get better answers here. No need to be rude by implying he's not being helpful - he was being helpful.
ceejayoz about 11 years

This is wrong. RDS instances outside a VPC get a publicly accessible endpoint (that's secured with security groups).
Alistair Prestidge almost 10 years

You can now also "To use public connectivity, simply create your DB Instances with the Publicly Accessible option set to yes. With Publicly Accessible active, your DB Instances within a VPC will be fully accessible outside your VPC by default."