mongodb.conf bind_ip = 127.0.0.1不起作用,但0.0.0.0起作用 [英] mongodb.conf bind_ip = 127.0.0.1 does not work but 0.0.0.0 works
问题描述
我不明白mongodb中的bind_ip是什么.我可以使用bind_ip = 0.0.0.0建立从台式机到EC2计算机的远程连接,但是不能使其与bind_ip = 127.0.0.1一起使用.
I could not understand what bind_ip in mongodb is. I could make a remote connection from desktop to the EC2 machine by having bind_ip = 0.0.0.0, but could not make it work with bind_ip = 127.0.0.1.
请解释一下bind_ip是什么,为什么它对0.0.0.0而不对127.0.0.1有用.
Please explain me what bind_ip is and why it works for 0.0.0.0 and not for 127.0.0.1.
供 mongodb文档引用
bind_ip
默认:所有接口.
设置此选项可将mongod或mongos进程配置为绑定到该地址并监听来自该地址的应用程序的连接. 您可以将mongod或mongos实例附加到任何接口;然而, 如果您将流程附加到可公开访问的界面, 实施适当的身份验证或防火墙限制以进行保护 数据库的完整性.
Set this option to configure the mongod or mongos process to bind to and listen for connections from applications on this address. You may attach mongod or mongos instances to any interface; however, if you attach the process to a publicly accessible interface, implement proper authentication or firewall restrictions to protect the integrity of your database.
您可以连接以逗号分隔的值的列表,以将mongod绑定到多个IP地址.
You may concatenate a list of comma separated values to bind mongod to multiple IP addresses.
推荐答案
在将服务器绑定到0.0.0.0之前,请先了解这些更改的安全隐患:您的服务器将公开暴露于以下IP上的所有IP:整个互联网.确保在您的服务器上启用身份验证!
将计算机绑定到EC2上的127.0.0.1时,您将无法访问计算机.这不是错误,这是由网络接口绑定引起的.
You can't access your machine when you bind it to 127.0.0.1 on EC2. That's not a bug, it's reasoned by the network interface bindings.
127.0.0.1将仅绑定到环回接口(因此您将只能在本地访问它),而0.0.0.0会将其绑定到所有可用的网络接口.
127.0.0.1 will only bind to the loopback interface (so you will only be able to access it locally), while 0.0.0.0 will bind it to all network interfaces that are available.
这就是为什么将EC2绑定到0.0.0.0时可以访问您的mongodb的原因(因为现在可以通过Internet使用它),而不是通过127.0.0.1来访问.
That's why you can access your mongodb on EC2 when you bind it to 0.0.0.0(as it's available through the internet now) and not via 127.0.0.1.
对于看起来与您没有什么不同的本地服务器(例如WAMP或本地mongodb服务器),但是对于这种情况,您还应该绑定到本地服务器的0.0.0.0可能会使它们在所有网络接口上都可用(因此,如果没有防火墙,对于知道您的IP的人来说可能是公开的!)
For local servers (like a WAMP or a local mongodb server) that won't look different to you, but for that case you should also thing that binding to 0.0.0.0 for local servers might make them available over all network interfaces (so it might be public for someone who knows your IP, if there is no firewall!)
在 查看全文
