MySQL Server Multi-IP Binding: Configuring Multiple Network Interfaces for Database Connections


4 views

MySQL's bind-address parameter in my.cnf is indeed restricted to a single IP address configuration. When examining the MySQL server documentation, you'll find this explicitly mentioned:

[mysqld]
bind-address = 192.168.1.100
# Additional bind-address lines will be ignored
# bind-address = 10.0.0.100 ← This won't work

Here are three practical approaches to achieve multi-IP binding:

1. Using Wildcard Binding (0.0.0.0)

The simplest solution is to bind to all available interfaces:

[mysqld]
bind-address = 0.0.0.0

Important security note: Always combine this with proper firewall rules and MySQL's user host restrictions.

2. Network Interface Binding

Instead of binding to specific IPs, bind to network interfaces:

[mysqld]
bind-address = eth0
bind-address = eth1

Note: This approach depends on your OS and may require interface aliases.

3. Using MySQL Router or ProxySQL

For advanced setups, consider these proxy solutions:

# Example ProxySQL configuration
INSERT INTO mysql_servers(hostgroup_id,hostname,port) VALUES (10,'192.168.1.100',3306);
INSERT INTO mysql_servers(hostgroup_id,hostname,port) VALUES (10,'10.0.0.100',3306);

When implementing multi-IP binding:

  • Update your mysql.user table to restrict access by host
  • Implement network-level firewalls (iptables, firewalld)
  • Consider using TCP wrappers for additional filtering

After configuration, verify your settings:

netstat -tulnp | grep mysql
# Should show listening on multiple interfaces

Many developers encounter a common challenge when configuring MySQL: the bind-address parameter in my.cnf only accepts a single IP address. This limitation can be frustrating when you need MySQL to listen on multiple network interfaces.

Common scenarios include:

  • Running applications on different network segments
  • Separating internal and external database access
  • Implementing multi-homed server configurations
  • Testing environments requiring local and remote connections

The simplest approach is to configure MySQL to listen on all available interfaces:

[mysqld]
bind-address = 0.0.0.0

This tells MySQL to bind to all IPv4 interfaces. For IPv6, use :: instead.

If you need more control, you can bind MySQL to specific network interfaces:

[mysqld]
bind-address = eth0

This binds MySQL to the eth0 interface specifically. You can check available interfaces with:

ifconfig -a

When binding to multiple interfaces or using 0.0.0.0:

  • Always configure proper firewall rules
  • Use MySQL's user privilege system to restrict access
  • Consider implementing SSH tunneling for remote connections
  • Monitor connection attempts in your MySQL logs

For finer control, you can use /etc/hosts.allow and /etc/hosts.deny:

# /etc/hosts.allow
mysqld: 192.168.1.0/24
mysqld: 10.0.0.5

# /etc/hosts.deny
mysqld: ALL

This allows connections only from specified IP ranges while MySQL is bound to all interfaces.

After making changes, check which addresses MySQL is listening on:

netstat -tulnp | grep mysqld

Or for newer systems:

ss -tulnp | grep mysqld

Binding to multiple interfaces may have minor performance impacts:

  • Slightly increased memory usage for connection handling
  • Potential for more TCP connection states
  • Additional network stack processing

For most applications, these impacts are negligible.

If connections aren't working:

  1. Verify MySQL is running: systemctl status mysql
  2. Check for firewall blocks: iptables -L
  3. Confirm network connectivity between hosts
  4. Review MySQL error logs: /var/log/mysql/error.log