By chadspecter
I’m having problems connecting to my newly created MongoDB replica set. I created 3 new One-Click servers in the NYC3 data center using the Private Networking option. Getting the replica set running was fairly simple and internally things seem to be working correctly on each server. The problem is that I don’t seem to be able to connect to mongo from any servers outside the set. I can run mongo xx.xx.xx.xx:27017 -u -p and connect to each server from each other server in the data center, but the same command is not working from my dev machine or my servers in other data centers. What am I doing wrong?
This is my configuration.
Cloudflare: A record pointing XXXX.domain.com to each server IP
/etc/mongod.conf
# mongod.conf
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# Where and how to store data.
storage:
  dbPath: /var/lib/mongodb
  journal:
    enabled: true
#  engine:
#  mmapv1:
#  wiredTiger:
# where to write logging data.
systemLog:
  destination: file
  logAppend: true
  path: /var/log/mongodb/mongod.log
# network interfaces
net:
  port: 27017
  bindIp: 127.0.0.1,159.203.68.XX
processManagement:
  fork: true
security:
  authorization: enabled
#operationProfiling:
replication:
  replSetName: volatize0
#sharding:
## Enterprise-Only Options:
#auditLog:
#snmp:
Firewall setup commands
sudo apt-get install ufw
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw allow from ip_of_server/32 to any port 27017
sudo ufw allow from ip_of_dev_system/32 to any port 27017
sudo ufw enable
/etc/hosts
127.0.1.1 mongo-01
127.0.0.1 localhost mongo-01
XX.XX.XX.XX mongo-01.domain.com
XX.XX.XX.XX mongo-02.domain.com
XX.XX.XX.XX mongo-03.domain.com
netstat -anp
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 159.203.68.XX:27017 0.0.0.0:* LISTEN 1804/mongod
tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN 1804/mongod
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1576/sshd
tcp 0 0 159.203.68.XX:27017 159.203.113.100:41370 ESTABLISHED 1804/mongod
tcp 0 0 159.203.68.XX:45276 159.203.113.100:27017 ESTABLISHED 1804/mongod
tcp 0 0 159.203.68.XX:45280 159.203.113.100:27017 ESTABLISHED 1804/mongod
tcp 0 0 159.203.68.XX:59872 159.203.103.186:27017 ESTABLISHED 1804/mongod
tcp 0 296 159.203.68.XX:22 170.20.11.13:28087 ESTABLISHED 1721/0
tcp 0 0 159.203.68.XX:45278 159.203.113.100:27017 ESTABLISHED 1804/mongod
tcp 0 0 159.203.68.XX:27017 159.203.103.186:41502 ESTABLISHED 1804/mongod
tcp6 0 0 :::22 :::* LISTEN 1576/sshd
Hi @chadspecter
If you’re using the “Private Networking” function, meaning the IPs starting with 10.x.x.x, then they are only accessible inside the data center.
You should be using those IPs to connect the different databases together, since it will be much faster than using the public IP.
Are you using the CloudFlare protection on those A-records or just the DNS with passthru? You should use the passthru, so nothing gets mumbled by CloudFlare.
Can you run this command to list the services listening:
sudo lsof -iTCP -sTCP:LISTEN -P
I am just using DNS passthrough in Cloudflare. I have not even attempted to enable the private networking addresses yet as I just wanted to get it working over the open IPs first.
Here is the output of sudo lsof -iTCP -sTCP:LISTEN -P
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 1576 root 3u IPv4 14187 0t0 TCP *:22 (LISTEN)
sshd 1576 root 4u IPv6 14189 0t0 TCP *:22 (LISTEN)
mongod 1804 root 7u IPv4 16752 0t0 TCP localhost:27017 (LISTEN)
mongod 1804 root 9u IPv4 16754 0t0 TCP mongo-01.domain.name:27017 (LISTEN)
OK. So it was the IPv6 thing. I rebuilt the replica set as IPv4 and everything works fine. I guess the ISP my office uses has not upgraded yet. Tried the IPv6 system at home (Verizon Fios) and it worked. Thanks for the help!
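Added example, not part of the thread: since the cause turned out to be the address family rather than mongod.conf or ufw, a per-family TCP probe run from the failing client separates "no IPv6 path" from "port filtered". The function names and the local IPv4-only listener (a constructed stand-in for a mongod bound as in the bindIp line above) are assumptions of this sketch.

```python
import socket

def probe(host, port, timeout=3.0):
    """Attempt a TCP connect to host:port separately over IPv4 and IPv6.

    Returns {"IPv4": [(address, result), ...], "IPv6": [...]}; result is
    "open" or the OS error text. An empty list means the name has no
    address in that family (no A or no AAAA record).
    """
    results = {}
    for label, family in (("IPv4", socket.AF_INET), ("IPv6", socket.AF_INET6)):
        attempts = []
        try:
            infos = socket.getaddrinfo(host, port, family, socket.SOCK_STREAM)
        except socket.gaierror:
            infos = []  # name does not resolve in this family
        for _fam, socktype, proto, _canon, sockaddr in infos:
            try:
                with socket.socket(family, socktype, proto) as s:
                    s.settimeout(timeout)
                    s.connect(sockaddr)
                attempts.append((sockaddr[0], "open"))
            except OSError as exc:  # refused, timed out, network unreachable
                attempts.append((sockaddr[0], exc.strerror or str(exc)))
        results[label] = attempts
    return results

def reachable_families(results):
    """Families in which at least one resolved address accepted the connect."""
    return [fam for fam, attempts in results.items()
            if any(result == "open" for _addr, result in attempts)]

def start_ipv4_listener():
    """Constructed stand-in: a listener bound to an IPv4 address only."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))  # port 0 lets the OS pick a free port
    srv.listen(5)
    return srv, srv.getsockname()[1]

if __name__ == "__main__":
    # Against a real replica member you would call, from the client that
    # cannot connect: probe("mongo-01.domain.com", 27017)
    srv, port = start_ipv4_listener()
    for fam, attempts in probe("localhost", port).items():
        print(fam, attempts or "no address in this family")
    srv.close()
```

"Network is unreachable" or a timeout in one family while the other reports open points at the client's network path, not at the server's firewall rules.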