LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 08-30-2015, 03:49 AM   #1
grob115
Member
 
Registered: Oct 2005
Posts: 542

Rep: Reputation: 32
Ping works but telnet doesn't


Hi, I'm getting stuck with why I'm unable to connect to MySQL running on 192.168.50.131:3306 from another server.

From the output we can see pinging the address 192.168.50.131 works but when I tried to telnet to it, it says no route! How can that be?

Just confirm, does it matter if I see an asterisk under the Gateway column, as long as the default route is correct?

Code:
[root@www ~]# ping 192.168.50.131
PING 192.168.50.131 (192.168.50.131) 56(84) bytes of data.
64 bytes from 192.168.50.131: icmp_seq=1 ttl=64 time=0.567 ms
64 bytes from 192.168.50.131: icmp_seq=2 ttl=64 time=0.468 ms

--- 192.168.50.131 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.468/0.517/0.567/0.054 ms
[root@www ~]#
[root@www ~]# telnet 192.168.50.131 3306
Trying 192.168.50.131...
telnet: connect to address 192.168.50.131: No route to host
telnet: Unable to connect to remote host: No route to host
[root@www ~]#
[root@www ~]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.50.0    *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
default         192.168.50.1    0.0.0.0         UG    0      0        0 eth0
[root@www ~]#
[root@www ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     esp  --  anywhere             anywhere
ACCEPT     ah   --  anywhere             anywhere
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:smtp
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:pop3
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:imap
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:submission
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:7036
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited
[root@www ~]#
 
Old 08-30-2015, 04:15 AM   #2
ButterflyMelissa
Senior Member
 
Registered: Nov 2007
Location: Somewhere on my hard drive...
Distribution: Manjaro
Posts: 2,766
Blog Entries: 23

Rep: Reputation: 411Reputation: 411Reputation: 411Reputation: 411Reputation: 411
(post editted out, irrelevant, sorry)

Last edited by ButterflyMelissa; 08-30-2015 at 05:41 AM.
 
Old 08-30-2015, 05:08 AM   #3
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,832

Rep: Reputation: 5970Reputation: 5970Reputation: 5970Reputation: 5970Reputation: 5970Reputation: 5970Reputation: 5970Reputation: 5970Reputation: 5970Reputation: 5970Reputation: 5970
The OP is trying to test MySQL from a remote client by using telnet and not actually connecting to a telnet server. I do not see a firewall rule that allows port 3306 traffic. In addition you will need to modify your my.cnf to allow remote connections and then grant permission for a rmeote user.

https://mariadb.com/kb/en/mariadb/co...client-access/
http://www.cyberciti.biz/tips/how-do...se-server.html

Last edited by michaelk; 08-30-2015 at 05:42 AM.
 
Old 08-30-2015, 05:40 AM   #4
ButterflyMelissa
Senior Member
 
Registered: Nov 2007
Location: Somewhere on my hard drive...
Distribution: Manjaro
Posts: 2,766
Blog Entries: 23

Rep: Reputation: 411Reputation: 411Reputation: 411Reputation: 411Reputation: 411
@michalek - sorry, I'll pull my post back...been, a nasty saturday...
 
Old 08-31-2015, 09:46 AM   #5
grob115
Member
 
Registered: Oct 2005
Posts: 542

Original Poster
Rep: Reputation: 32
Quote:
Originally Posted by michaelk View Post
The OP is trying to test MySQL from a remote client by using telnet and not actually connecting to a telnet server. I do not see a firewall rule that allows port 3306 traffic. In addition you will need to modify your my.cnf to allow remote connections and then grant permission for a rmeote user.

https://mariadb.com/kb/en/mariadb/co...client-access/
http://www.cyberciti.biz/tips/how-do...se-server.html
Hi, thanks. Not sure how the default iptables got so complicated but here's my interpretation of what it has. Is my interpretation wrong?
1) Chain INPUT is referring to RH-Firewall-1-INPUT.
2) First line in Chain RH-Firewall-1-INPUT is "ACCEPT all -- anywhere anywhere" which means accept any protocol from anywhere to anywhere.

FYI, I'm able to do the same telnet operation against another MySQL database on another IP on port 3306.
 
Old 08-31-2015, 10:20 AM   #6
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
https://dev.mysql.com/doc/refman/5.1...d_bind-address
 
Old 09-12-2015, 11:31 PM   #7
grob115
Member
 
Registered: Oct 2005
Posts: 542

Original Poster
Rep: Reputation: 32
Hi, sorry I'm still trying to figure out what's happening here. According to the following wiki, if the table is not explicitly specified, it's using the Filter table by default.
http://www.linuxhomenetworking.com/w...s#.VfTyka2lxHw

Looking at the iptable setup in my example, there are no table names specified so I believe it's using the Filter table. However, according to Figure 14-1 Iptables Packet Flow Diagram of the same wiki, Input chain of the Filter table only comes into play when the packet is to be processed by the firewall, and any packets that need to be forwarded to a server needs to go through the Forward chain of the Filter table.

What I don't understand is why would I see something like this on the Input chain? Should this be on the Forward chain?
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Ping works but telnet does not work sandeep.chikkerur Linux - Networking 11 05-20-2011 05:45 AM
ping works at first but then doesn't jpm1u Linux - Networking 4 07-08-2009 07:21 AM
nslookup works, ping doesn't coolnicklas Linux - Networking 5 04-16-2005 08:23 PM
ping works, telnet refused ellisdodge Linux - Networking 7 07-01-2002 12:06 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 06:42 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration