When attempting to configure remote access by setting bind-address to an external IP (like 192.168.1.66 in your case), the MySQL service fails to restart. The server only starts normally when this parameter is commented out, despite having proper port availability and firewall configuration.
Here's what a typical problematic configuration looks like:
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
bind-address=192.168.1.66 # This causes startup failure
port=3306
symbolic-links=01. Network Interface Verification:
# Check if the IP is assigned to any interface
ip addr show | grep 192.168.1.66
# Alternative for older systems
ifconfig | grep 192.168.1.662. Port Conflicts:
# Verify port 3306 isn't already in use
sudo netstat -tulnp | grep 3306
# Or using ss
sudo ss -tulnp | grep mysqlOption 1: Bind to All Interfaces
[mysqld]
bind-address=0.0.0.0 # Allows connections from all network interfacesOption 2: Verify Interface Configuration
# For systems with multiple IPs
[mysqld]
bind-address=192.168.1.66 # Only if this IP exists on the serverTo get detailed error messages:
# View MySQL error logs
sudo tail -f /var/log/mysql/error.log
# Alternative log location for some systems
sudo tail -f /var/log/mysqld.logCommon Error Patterns:
2023-01-01T12:00:00.000000Z 0 [ERROR] Can't start server: Bind on TCP/IP port: Address already in use 2023-01-01T12:00:01.000000Z 0 [ERROR] Do you already have another mysqld server running on port: 3306?
For production environments, consider these additional parameters:
[mysqld]
bind-address=0.0.0.0
skip-name-resolve # Improves performance for remote connections
max_connections=200 # Adjust based on expected load
wait_timeout=300 # Reduces idle connectionsWhen enabling remote access:
# Create restricted remote user
CREATE USER 'remote_user'@'192.168.1.%' IDENTIFIED BY 'StrongPassword!123';
GRANT SELECT, INSERT, UPDATE ON db_name.* TO 'remote_user'@'192.168.1.%';Remember to implement firewall rules:
# Example ufw rules
sudo ufw allow from 192.168.1.0/24 to any port 3306
sudo ufw enableWhen attempting to enable remote MySQL connections by configuring bind-address=**.**.**.66 in my.cnf, the service fails to restart. However, commenting out this directive allows normal startup. This indicates either an IP configuration issue or permission problem.
First check MySQL error logs (typically /var/log/mysqld.log or /var/log/mysql/error.log) for precise failure details:
sudo tail -50 /var/log/mysql/error.log
# Common errors include:
# - Can't start server: Bind on TCP/IP port: Address already in use
# - IP binding permission denied
# - Invalid IP address formatBefore modifying bind-address, verify these fundamentals:
# Confirm IP validity
hostname -I
ifconfig | grep inet
# Check port availability
sudo netstat -tulpn | grep 3306
sudo lsof -i :3306
# Test local binding
mysql -h 127.0.0.1 -P 3306 -u root -pFor production environments, consider these configuration patterns:
[mysqld]
# Single IP binding
bind-address = 192.168.1.66
# OR multiple IPs via multiple instances
[mysqld]
bind-address = 0.0.0.0
# Then restrict via firewall:
sudo ufw allow from 192.168.1.100 to any port 3306On Ubuntu/Debian systems using UFW:
sudo ufw allow 3306/tcp
sudo ufw allow from client_ip to any port 3306For CentOS/RHEL with firewalld:
sudo firewall-cmd --permanent --zone=public --add-port=3306/tcp
sudo firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="client_ip" port protocol="tcp" port="3306" accept'
sudo firewall-cmd --reloadOn SELinux-enabled systems, additional configuration might be needed:
# Check current settings
sudo semanage port -l | grep mysql
# Add MySQL port if missing
sudo semanage port -a -t mysqld_port_t -p tcp 3306For modern MySQL 8.0+ installations, consider using MySQL Router or connection pooling instead of direct remote access.
[mysqld]
# For MySQL 8.0 performance
mysqlx-bind-address = 0.0.0.0
admin-address = 127.0.0.1
skip-name-resolve = ON