How to fix ERROR 2003 (HY000): Can't connect to MySQL server on 'node' (13)
If you get error 13 trying to connect to an IPv6 MySQL server for example:ERROR 2003 (HY000): Can’t connect to MySQL server on ‘node2’ (13)
It could be a Permission Denied error trying to open the socket:
# telnet node2 3306
Trying 2a01:4f8:161:xxxx::2b72…
telnet: connect to address 2a01:4f8:161:xxxx::2b72: Permission denied
Check if it’s SELinux first. If so there will be an entry in /var/log/audit/audit.log/
or /var/log/messages/
, or if SELinux is running in Permissive mode you can be sure it’s not responsible:
# sestatusSELinux status enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
If SELinux isn't responsible, you can connect outbound, and the destination server is running RHEL/CentOS 7, check the ip6table outbound rules next as there’s a good chance the default rules are rejecting connections with icmp6-adm-prohibited
:
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
72800 146M ACCEPT all * * ::/0 ::/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all lo * ::/0 ::/0
148K 10M INPUT_direct all * * ::/0 ::/0
148K 10M INPUT_ZONES_SOURCE all * * ::/0 ::/0
148K 10M INPUT_ZONES all * * ::/0 ::/0
21 1260 DROP all * * ::/0 ::/0 ctstate INVALID
3 240 REJECT all * * ::/0 ::/0 reject-with icmp6-adm-prohibited
This gives a really confusing Permission Denied
error instead of Connection Refused
.
Add the required firewall rules and you’ll be able to connect.