MySQL error 2003 over ssh tunnel when replicating, not when using client


I am trying to set up replication on a MySQL server over an SSH tunnel. I've set up a port forward on the slave from port 7777 at localhost to port 3306 on the master, and I can connect to my replication account using

mysql -h -P 7777 -u replicate -p 

However, when I set the master configuration on the slave (using host, user replicate, the correct password [double-checked it], and port 7777), it has an error connecting to the master with code 2003, which seems to be associated with login problems. I checked the permissions, and 'replicate'@'' has replication slave on *.*. Why can I connect with a client, but replication is failing.


The master server runs MySQL 5.1.66 on Ubuntu 10.04; the slave runs MySQL 5.5.28 on Fedora 16.

mysql --ssl --help

results in:

Variables (--variable-name=value)
and boolean options {FALSE|TRUE}  Value (after reading options)
--------------------------------- -----------------------------
auto-rehash                       TRUE
character-sets-dir                (No default value)
column-type-info                  FALSE
comments                          FALSE
compress                          FALSE
debug-check                       FALSE
debug-info                        FALSE
database                          (No default value)
default-character-set             latin1
delimiter                         ;
vertical                          FALSE
force                             FALSE
named-commands                    FALSE
ignore-spaces                     FALSE
local-infile                      FALSE
no-beep                           FALSE
host                              (No default value)
html                              FALSE
xml                               FALSE
line-numbers                      TRUE
unbuffered                        FALSE
column-names                      TRUE
sigint-ignore                     FALSE
port                              3306
prompt                            mysql>
quick                             FALSE
raw                               FALSE
reconnect                         TRUE
socket                            /var/run/mysqld/mysqld.sock
ssl                               TRUE
ssl-ca                            (No default value)
ssl-capath                        (No default value)
ssl-cert                          (No default value)
ssl-cipher                        (No default value)
ssl-key                           (No default value)
ssl-verify-server-cert            FALSE
table                             FALSE
user                              (No default value)
safe-updates                      FALSE
i-am-a-dummy                      FALSE
connect_timeout                   0
max_allowed_packet                16777216
net_buffer_length                 16384
select_limit                      1000
max_join_size                     1000000
secure-auth                       FALSE
show-warnings                     FALSE

Slave status:

mysql> show slave status\G
show slave status

*************************** 1. row ***************************
               Slave_IO_State: Connecting to master
                  Master_User: replicate
                  Master_Port: 7777
                Connect_Retry: 60
              Master_Log_File: mysql-bin.000002
          Read_Master_Log_Pos: 397
               Relay_Log_File: slave-relay-bin.000004
                Relay_Log_Pos: 107
        Relay_Master_Log_File: mysql-bin.000002
             Slave_IO_Running: Connecting
            Slave_SQL_Running: Yes
                   Last_Errno: 0
                 Skip_Counter: 0
          Exec_Master_Log_Pos: 107
              Relay_Log_Space: 107
              Until_Condition: None
                Until_Log_Pos: 0
           Master_SSL_Allowed: No
        Seconds_Behind_Master: NULL
Master_SSL_Verify_Server_Cert: No
                Last_IO_Errno: 2003
                Last_IO_Error: error connecting to master 'replicate@' - retry-time: 60  retries: 86400
               Last_SQL_Errno: 0
             Master_Server_Id: 0
1 row in set (0.00 sec)


SELinux is enabled on the server, and is in enforce mode.

Best Answer

Very likely your mysqld connection to a 7777 port is blocked by selinux. To allow that, do following

semanage port -a -t mysqld_port_t -p tcp 7777

To check if it is added to mysqld allowed port

semanage port -l | grep mysqld_port_t