Geek Answers Handbook

Cannot issue ping command AWS RDS

I want to migrate my local mysql database to Amazon RDS. But first, I want to check if he is receiving a message. So I'm trying to pierce it. But timeout attempts.

ping -c 5 myfishdb.blackOut.us-west-2.rds.amazonaws.com PING ec2-54-xxx-xxx-118.us-west-2.compute.amazonaws.com (54.xxx.xxx.118): 56 data bytes Request timeout for icmp_seq 0 Request timeout for icmp_seq 1 Request timeout for icmp_seq 2 Request timeout for icmp_seq 3

I suspect that I need to open the incoming settings, so I open the settings for

SSH TCP 22 72.xxx.xxx.xxx/32

And it still doesn't work. What do you think I'm doing wrong? Did I miss something?

+14
mysql amazon-web-services ping
source share
6 answers

So, I am trying to ping. But timeout attempts.

Ping will not work because the security group blocks all messages by default. You will need to β€œpush holes” in the security group's firewall to receive traffic to your instance.

SSH TCP 22 72.xxx.xxx.xxx/32 And still not working.

Yeah. RDS does not allow you to log in through SSH. Only the MySQL port (3306) is open.

I want to migrate my local mysql database to Amazon RDS.

Good, but be careful. DO NOT open 3306 for the entire Internet (i.e. 0.0.0.0). MySQL was not designed for this and often has flaws when someone can infiltrate your database.

You can open 3306 only for your (home) IP address (or the server from which you will use it.) It should look like "5.5.5.5/32 TCP port 3306". But be careful that this is not a big security, because other people can see your packages. (MySQL supports encrypted connections, but you must establish them explicitly.)

You can check your setup with telnet my.mysql.ip.address 3306 . If the message is not received, the port will not be opened. If you connect to .. then your MySQL port will work.

The safest way to use RDS is with an instance of EC2. You can create trust between the EC2 instance and the RDS security group. Your packages will not travel over the Internet, but only on the AWS network. Other people will not be able to see your packages because nothing allows in EC2.

+17
source share

Amazon RDS is a managed service for relational databases. It does not provide access to low-level infrastructure.

http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html

No SSH, Telnet, or Ping Access Allowed for an RDS Instance

Seb

+9
source share

"RDS instances are not configured to receive and respond to the ICMP packet for pings. The only way to connect to your RDS instance is through a standard SQL client application."

This means that adding an ICMP rule to a specific RDS security group does not make your RDS instance accessible via ICMP.

+7
source share

The solution that worked for me was to open IP: PORT in the security group section.

enter image description here

0
source share

Ping is blocked, as others have said. Allow Amazon RDS to connect to your EC2 instance Go to the security groups of your RDS instance. Change your inbox settings. And change "Custom" to "Anywhere". After that, you can connect to the database.

0
source share

AWS security groups block ICMP, which includes pings - by default. You need to open ICMP - blindly trying to open TCP / 22 will do nothing.

-2
source share

More articles:


All Articles