Hi all,

I have two server in Data Center,

Here is their ifconfig details,

Server A:
-----------------------------------
eth0 Link encap:Ethernet HWaddr 00:07:E9:83:C7:51
inet addr:203.124.11.A Bcast:203.124.11.255 Mask:255.255.255.0
inet6 addr: fe80::207:e9ff:fe83:c751/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:79569115 errors:0 dropped:0 overruns:0 frame:0
TX packets:29906229 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:532600036 (507.9 MiB) TX bytes:1440639011 (1.3 GiB)

eth1 Link encap:Ethernet HWaddr 00:0E:0C:C1:65:02
inet addr:192.168.5.2 Bcast:192.168.5.255 Mask:255.255.255.0
inet6 addr: fe80::20e:cff:fec1:6502/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:509 errors:0 dropped:0 overruns:0 frame:0
TX packets:530 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:259271 (253.1 KiB) TX bytes:179658 (175.4 KiB)
Base address:0xdc00 Memory:ff8e0000-ff900000
-----------------------------------
Server B:
-----------------------------------
eth0 Link encap:Ethernet HWaddr 00:15:17:2E:3F9
inet addr:203.124.11.B Bcast:203.124.11.255 Mask:255.255.255.0
inet6 addr: fe80::215:17ff:fe2e:3fd9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:394033870 errors:0 dropped:0 overruns:0 frame:0
TX packets:6135002 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:2782625396 (2.5 GiB) TX bytes:1798256868 (1.6 GiB)
Base address:0x1100 Memory:e8020000-e8040000

eth1 Link encap:Ethernet HWaddr 00:15:17:2E:3F8
inet addr:192.168.5.1 Bcast:192.168.5.255 Mask:255.255.255.0
inet6 addr: fe80::215:17ff:fe2e:3fd8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:526 errors:0 dropped:0 overruns:0 frame:0
TX packets:517 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:175268 (171.1 KiB) TX bytes:257909 (251.8 KiB)
Memory:e8180000-e81a0000
-----------------------------------

The case is i have PHP and MySQL installed in Server A, now i have bought a new server Server B. I want to move MySQL to Server B and leave Server A as a app server.
How can i use iptables to forward all MySQL(port 3306) request from Server A to Server B? I have read lot of articles and i find i can't get it done...

Thanks for the help!

Another choice if you still not found iptables way

1)shutdown MySQL at Server A
2)start MySQL at server B

in server A terminal execute
# ssh -f -L 3306:localhost:3306 root@serverB sleep 365d

just give a test

Thanks so much for your reply, i have done the following after read your reply,

1. shutdown Server A mysql use,
/etc/init.d/mysql.server stop
2. start Server B mysql use,
/etc/init.d/mysql.server start
3. Input the following shell command in Server A
----
[root@s138 ~]# ssh -f -L 3306:localhost:3306 root@192.168.5.1 sleep 365d
The authenticity of host '192.168.5.1 (192.168.5.1)' can't be established.
RSA key fingerprint is 1c:72:b7:16:4a:36:1c:13:25:ff:2e:8f:22:21:e9:f9.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.5.1' (RSA) to the list of known hosts.
root@192.168.5.1's password:
[root@s138 ~]#
----
Then i use a third server to run a php script... here is the script
----
<?php
mysql_connect('203.124.11.A', 'mysql_uid', 'mysql_pwd');
?>
----
But the page output...
----
Warning: mysql_connect() [function.mysql-connect]: Can't connect to MySQL server on '203.124.11.A' (10061) in D:\xampp\htdocs\iptables\index.php on line 2
----

It seems i done something wrong...>_<

erkk..D:\?

try run apps at server A

btw for sure third server no access to server A


<?php
mysql_connect('localhost', 'mysql_uid', 'mysql_pwd');
?>

this way

oops...
I try to connect it locally as you said...
And the output become,
----
PHP Warning: mysql_connect(): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2) in /root/test.php on line 3
----
And then i reboot my server, and try "/etc/init.d/mysql.server status", it said,
----
MySQL is not running, but lock exists [FAILED]
----

The SSH forward command, is that run everytime after i type in once? no matter i reboot or not?

server A no longer need to run MySQL since your apps is pointing to localport 3306 but if want to try up both server just for testing

start both MySQL server A & B
execute in server A ssh -f -L 3300:localhost:3306 root@192.168.5.1 sleep 365d

open your apps in server A point the port to 3300 let see what happen

INFO,if u not reboot that connection will stay up to 365 days, once you reboot you need to re-issue that ssh command again or you can do more advance
by add that command to rc.local in server A and do key exchange for both server , i think someone can help on this because i never done this key exchange , shame on me

Thanks for your quick reply^_^
The problem is i found my mysql setting may be wrong after i play with iptables and ssh -f... I need to restore them to a clear installation first..

May you tell me the secret in "ssh -f"? What is the different between this and iptables? Will this have any performance issues? Because i will put this in my production server.

Thanks for your help! I am setting up my server now, i will try the script again.

no secret

this ssh -f follow by command sleep 365d is to bring the ssh command to live into the background process for 356 days, "f" mean forking, i call it tunnelling i have been manupulate this command for most of application in my laptop , currently everyday use is
1) MySQL Administrator forking to localhost to maintain MySQL server in idc
2) IRC-Konversation as bnc replacement
3) Tunnel port 80 for all my LAN , so all my LAN outgoing IP is IDC ip_addr
this will make me full utilize my dsl speeed up tu 180KBPS from everywhere download with my 1.5 dsl speed downstream
4) I use yum update tunnel to IDC with this ssh , very fast speed

and some other thing


its very good for production server because this will tranfer data securely between server "encrypted"

Hi routers,

It's so happy to tell u i get it done, it is very useful!

However, new problem is come... I find that mysql will trend localhost different to 127.0.0.1... when you use localhost in mysql_connect(), it will bypass tcp connect, the ssh forward will be useless. I think it is another topic....

Thanks so much for your help!!

for ssh key exchange as i mentioned before, you can look here

http://www.linuxquestions.org/linux/...authentication

I come out with this research and test

Server B
install mysql default root password unchange

Server A

run ssh with command
setup phpmyadmin in one domain and this is the config

here is the mandotory DO NOT USE "host" as localhost
change it to 127.0.0.1, otherwise wont work.
i cant explain why