I am attempting to connect to a remote mongodb service and cannot figure out how to get it to work. The remote mongod
is running on an Ubuntu box. I am a very novice unix user, but I'm reasonably certain the problem is that I am not opening up the firewall probably with iptables
, I've tried the commands in the mongodb docs and still no success.
mongodb.conf relevant rules
bind_ip = 0.0.0.0
port = 27017
auth = false
netstat -A
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:28017 *:* LISTEN
tcp 0 0 *:27017 *:* LISTEN
iptables -L -n
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
DROP all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:27017 state NEW,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:28017 state NEW,ESTABLISHED
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:27017 state ESTABLISHED
iptables commands executed as documented in mongodb docs at - http://docs.mongodb.org/manual/tutorial/configure-linux-iptables-firewall/#patterns
Here is what I've tried:
browser: http://xx.xx.xx.xx:27017/ no response.
browser: http://xx.xx.xx.xx:28017/ no response.
browser: http://www.hostname.com:27017/ no reponse.
browser: http://www.hostname.com:28017/ no response.
mongo.exe xx.xx.xx.xx:27017 (remotely) couldn't connect to server xx.xx.xx.xx
mongo xx.xx.xx.xx:27017 (from localhost) connects properly
mongo www.hostname.com:27017 (from localhost) connects properly
The fact that it connects properly over localhost on the server hosting the mongodb, even when I specify the IP address, makes me think it has to be a firewall issue. Any ideas?
iptables
rules are read in exactly in the order as they appear. You now have DROP
taking precedence over ACCEPT
of your mongodb ports.
Shuffle the lines in your particular script that sets up iptables and flush and re-read them back in.
If you haven't saved your firewall yet, remove the DROP
rule and re-add it again, it will shift it down the list and will also solve your issue.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.