Question

Create a SSH Tunnel in Private Network to get access in remote database for WordPress

Hi,

I’ve a droplet (D1) running in SanFransisco 01 datacenter. This is my Apache2 web server running a WordPress site. I’ve created a new Droplet (D2) in SanFransisco 01 datacenter. This one is for MySQL Database. Both has Private Network enabled.

I’ve created a SSH Tunnel in D1 to access database of D2

ssh -fNg -L 3307:127.0.0.1:3306 root@D2_PUBLIC_IP_ADDRESS

But I am getting high latency and want to improve it through connecting it via private network. How can I achieve it?

I’ve tried to ssh to Private IP

ssh root@D2_PRIVATE_IP

but I get this error

connect to host D2_PRIVATE_IP port 22: No route to host

How can I achieve this to minimize latency?

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Flamber HansenMay 6, 2017

Hi @arifulhb

Even with SSH over the private networking, there will still be some lag. Have you considered connecting directly over the private networking for MySQL? https://www.digitalocean.com/community/tutorials/how-to-set-up-a-remote-database-to-optimize-site-performance-with-mysql

If you activated the firewall at one point, that might be what’s blocking you currently.

sudo ufw status

You can check what services are listening on the different interfaces with this command:

sudo lsof -iTCP -sTCP:LISTEN -P
Jonathan TittleMay 6, 2017

@arifulhb

You don’t specifically need to setup a tunnel to connect to from D1 (Web) to D2 (DB). You can change the port that MySQL binds to in MySQL’s configuration file and set it to the private network IP – then restart MySQL.

Specifically, you’d be looking for bind-address. So if your private network IP is 10.0.0.2, you’d then set the bind-address like so:

bind-address = 10.0.0.2

Then service mysql restart.

You would then need to create a user for the connecting host. So if your web server has a private IP of 10.0.0.1, then you’d do:

create database name_of_db;

grant all on name_of_db.* to 'name_of_user'@'10.0.0.1' identified by 'password';

name_of_db = name of database

name_of_user = name of database user

password = password for database user

You’d then use those credentials and the private IP of the database server to connect to MySQL.

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up