MongoDB bind_ip错误:bind()失败errno:99无法为套接字分配请求的地址 [英] MongoDB bind_ip error: bind() failed errno:99 Cannot assign requested address for socket
问题描述
我想将mongodb配置为允许来自66.31.123.123之类的外部ip地址的远程连接.
I want to configure mongodb to allow remote connections from an external ip address like 66.31.123.123.
将0.0.0.0设置为bind_ip是可行的,但我想更严格一些,只允许某些IP地址进行连接.我将66.31.123.123附加到bind_ip列表中,但是mongodb在下面抛出错误:
Setting 0.0.0.0 to bind_ip works, but I want to be more restrictive and only allow certain ip addresses to connect. I appended 66.31.123.123 to the bind_ip list but mongodb throws an error below:
mongodb.conf
bind_ip = 127.0.0.1,66.31.123.123
port = 27017
auth = true
mongodb日志
Mon Dec 9 03:25:59 [initandlisten] ERROR: listen(): bind() failed errno:99 Cannot assign requested address for socket: 66.31.123.123:27017
问题:为什么添加外部IP无效?如果使用auth=true,是否足以将0.0.0.0用作bind_ip?可以从Meteor.js应用程序本地访问mongodb.
Question: Why does adding an external ip not work? If auth=true is used, does that make it safe enough to use 0.0.0.0 as the bind_ip? The mongodb will be locally accessed from a Meteor.js app.
推荐答案
正如guido所说,bind_ip用于mongo服务器自己的IP地址.
As guido said, the bind_ip is for the mongo server's own IP address.
Auth是一个好主意,但仅依靠auth可以使您遭受蛮力攻击.
Auth is a good idea but only relying on auth opens you up to a brute force attack.
您可以bind_ip = 0.0.0.0并使用防火墙阻止来自端口27017的所有传入连接,除非来自66.31.123.123.
You could bind_ip = 0.0.0.0 and use a firewall to block all incoming connections to port 27017, unless coming from 66.31.123.123.
另一个问题是流星服务器与mongo服务器之间的距离-是在私有网络上还是在公共网络上.如果在公众范围内,您应该重新编译mongodb以支持SSL ,或者您应该通过SSH隧道mongodb连接.
Another concern is proximity of your meteor server to your mongo server — is it on private networking or across public network. If across public, you should either recompile mongodb to support SSL, or you should tunnel your mongodb connection through SSH.
如果您确实决定使用隧道,则将bind_ip设置为127.0.0.1,并忽略传入的27017.
If you do decide to tunnel, bind_ip to 127.0.0.1 and leave out incoming 27017.
这篇关于MongoDB bind_ip错误:bind()失败errno:99无法为套接字分配请求的地址的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
