I am trying to connect Mongolab URI from my mongo shell and its showing
MongoDB shell version: 3.1.7
connecting to: ds015859.mlab.com:15859/instabuy
2016-03-16T16:49:15.581+0530 W NETWORK [thread1]
Failed to connect to 54.224.218.3:15859, reason: errno:10061
No connection could be made because the target machine actively refused
2016-03-16T16:49:15.581+0530 E QUERY [thread1] Error: couldn't connect to server ds015859.mlab.com:15859, connection attempt failed :
connect#src/mongo/shell/mongo.js:216:14
I am behind a http web proxy in my college, but I already set my HTTP_PROXY variable. I already connected to heroku by setting the proxy variable also. But other services like Mongolab, Mailchimp and AWS s3 are refusing connection..what should I do, Please help.
Different services such as MongoDb and others use custom command protocols to communicate with clients. For, example, in MongoDb they use binary MongoDB Wire Protocol. A HTTP proxy can handle only a limited set of protocols, most proxies are configured to proxy the HTTP text protocol only. So, you can't connect to mongo server via such proxy unless you have a HTTP-wrapper around the mongo protocol.
If you want to connect remotely to any service with any protocol indirectly via something like a proxy then you have to use tunneling. Tunnels can work at the IP:port level (SSH tunnels, as an example) or be established over VPN (OpenVPN tunnels, for example). In both cases you first establish a tunnel with your "proxy" server and then redirect mongo connection to that tunnel.
Related
I am unable to connect to a Mongo db which is hosted in IBM cloud. I have got the credentials and the db name. I am using direct authentication method but getting sometime timeout error or sometime "Client network socket disconnected before secure TLS connection was established" error. I am new to Mongo client. It seems ibm cloud team do not set any restrictions and on public internet. I can do a telnet with the server string.
1.Do I need to use any configuration in Mongo compass client like installing certificates?
2.Do I need to request for ip binding (though my ip is dynamic)
Any help will be appreciated on this
When trying to connect to AWS DocumentDB using mongocxx C++ driver, even after using the AWS combined pem file as a URI parameter (CA file), I get the below error of TLS handshake failed.
No suitable servers found (`serverSelectionTryOnce` set): [TLS handshake failed: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed calling ismaster on 'docdb-xxxxxxxx.ap-southeast-1.docdb.amazonaws.com:27017']: generic server error
I have masked out the full hostname of the documentdb instance. I am using the connection URI method mentioned in http://mongocxx.org/mongocxx-v3/configuration/
// 2) Using the URI
auto client2 = mongocxx::client{uri{"mongodb://host1/?tls=true&tlsAllowInvalidCertificates=true&tlsCAFile=/path/to/custom/cert.pem"}};
I am using mongocxx 3.4.2 and libmongoc 1.16.2
I have tried this connection with the Node.js driver and it is able to connection. Any ideas what could be wrong?
I was trying to connect to my DocumentDB cluster on AWS via an external app like TablePlus and I had the same error:
No suitable servers found
(`serverSelectionTryOnce` set): [Failed to resolve 'docdb-1984-08-10-12-14-15.cluster-boogeyman.xy-central-99.docdb.amazonaws.com']
What I tried next is to:
open all sort of incoming traffic in the security group assigned to my cluster
made sure that "Encryption-at-rest" (in Advanced Settings) is disabled while creating the cluster
I still got this error. What I discovered next is that:
Trying to connect to an Amazon DocumentDB cluster directly from a public endpoint, such as your laptop or local development machine, will fail. Amazon DocumentDB is virtual private cloud (VPC)-only and does not currently support public endpoints. Thus, you can't connect directly to your Amazon DocumentDB cluster from your laptop or local development environment outside of your VPC.
Please read the AWS connection troubleshooting section. To connect to an Amazon DocumentDB cluster from outside an Amazon VPC, you can use an SSH tunnel.
Our dev ops team have whitelisted my home ip address so that I can connect to our Postgres database on Azure. I am able to connect to our Azure database due to this.
Today I set up a VM in order to run Docker. I am running a container for RStudio which is an app that, among many other things, allows me to connect to our database using ODBC.
After configuring the odbcinst and odbc.ini files I believe that those are configured correctly because when I try to connect I get the following error:
Error: nanodbc/nanodbc.cpp:983: 00000: FATAL: SSL connection is required. Please specify SSL options and retry.
Thus I think that my odbc set up is correct because this error suggests my connection setting are fine, it's just that Azure will not allow it without SSL.
Searching that error message took me to this SO post with the following accepted answer:
By default, Azure Database for PostgreSQL enforces SSL connections between your server and your client applications to protect against MITM (man in the middle) attacks. This is done to make the connection to your server as secure as possible.
Although not recommended, you have the option to disable requiring SSL for connecting to your server if your client application does not support SSL connectivity. Please check How to Configure SSL Connectivity for your Postgres server in Azure for more details. You can disable requiring SSL connections from either the portal or using CLI. Note that Azure does not recommend disabling requiring SSL connections when connecting to your server.
My question is, if I am already able to connect to our database outside of my VM due to my home IP being whitelisted and just using a Postgres Driver with Dbeaver SQL client, is there anything I can do to connect from within my VM?
I can get my VMs ip address but I suspect (am not sure) if sending hat to our developers to whitelist would work?
Is there a prescribed course of action here?
I added this parameter to my .odbc.ini file and was able to connect:
sslmode=require
From Azure Postgres documentation, this parameter may take on different permutations depending on the context
"for example "ssl=true" or "sslmode=require" or "sslmode=required" and other variations"
I have some timeout problems when connecting my Azure Web App to a MongoDb hosted on a Azure VM.
2015-12-19T15:57:47.330+0100 I NETWORK Socket recv() errno:10060 A connection attempt
failed because the connected party did not properly respond after a period of time,
or established connection failed because connected host has failed to respond.
2015-12-19T15:57:47.343+0100 I NETWORK SocketException: remote: 104.45.x.x:27017 error:
9001 socket exception [RECV_ERROR] server [104.45.x.x:27017]
2015-12-19T15:57:47.350+0100 I NETWORK DBClientCursor::init call() failed
Currently mongodb is configured on a single server (just for dev) and it is exposed through a public ip. Website connect to it using an azure domain name (*.westeurope.cloudapp.azure.com) and without a Virtual Network.
Usually everything works well, but after some minutes of inactivity I get that timeout exception. The same will happen when using the MongoDb shell from my PC, so I'm quite sure that it is a problem on mongodb side.
I'm missing some configuration?
After some searching here my considerations:
It is usually a good practice to implement some sort of retry logic on every resource that you access on Azure (database, VM, ...). For MongoDb there is a partial implementation so you should potentially write your own. See also this issue and this.
If possible all resources on Azure should be in the same Azure Virtual Network (in this way all connections are made using Azure Private Ip instead of Public Ip. This is also useful for security reasons because you don't need to open endpoint to the public.
When deploying MongoDb on Azure try to follow the official MongoDb guidelines.
In this particular case you should set the net.ipv4.tcp_keepalive_time to a value lower than the tcp keep alive of Azure, that by default is 240 seconds. In this way the connection is closed and MongoDb driver can intercept this condition and open a new connection. If the connection is closed by Azure the driver cannot intercept it. If you want to change this setting on Azure (not recommended) you can find it inside the Public Ip configuration.
In my development environment I have set the net.ipv4.tcp_keepalive_time to 120 and now everything seems to work fine. Consider that if you host MondoDb inside an Docker container you should set this setting on the Docker host.
Here some other useful links:
http://focusmatic.tumblr.com/post/39569711018/solving-mongodb-connection-losses-on-windows-azure
https://docs.mongodb.org/ecosystem/platforms/windows-azure/
https://michaelmckeownblog.wordpress.com/2013/12/04/resolving-internal-ips-vs-dns-names-between-vms/
https://gist.github.com/davideicardi/f2094c4c3f3e00fbd490
MongoDB connection problems on Azure
MongoDB connection timeouts (Azure)
When using the C# Mongo driver we resolved this by setting the following
MongoDefaults.MaxConnectionIdleTime = TimeSpan.FromMinutes(1);
I want to use this as a proxy server to connect many different clients with servers. Here is what I'm looking to do:
The server software on a user's computer would connect to a proxy server that is running on a VPS. It would pass in some kind of Key or authentication info to identify itself and then would maintain a persistent TCP connection to the proxy server.
A client application running on a mobile device or other computer would connect to the proxy server and pass in some kind of Key or authentication info. The proxy server would match the connection between the client and server based on their authentication info, and then forward all data back and fourth between the connections.
The proxy server would need to be able to handle multiple clients and servers connecting to it at once and use the authentication info to pair them up. There could be multiple clients connecting to the same server at the same time too. The connection from the client and server would both be outbound so that they are not blocked by firewalls. I wrote the client and server software, so I can make them work with any specific proxy.
What is the name of this kind of proxy server? And can anyone recommend any?
Thanks!