Question
Troubleshooting remote mongodb connections
My mongo server on Digital Ocean (DO) appears to be accepting connections correctly, but my PC does not see the ip & port as open with an nmap. The server is receiving connections without issues from a different server on DO.
What is especially odd is that this was working perfectly fine and suddenly stopped.
There is a small possibility that this is interfering - I set up port forwarding and DynDNS with my router. “Small possibility” because I’m 85% sure I had this issue before setup of port forwarding & ddns. I thought it was just the changing of my local ip address and I would just need to add it to the mongo server ufw again.
On the Mongo Server
ufw status
root@mongo:~# ufw status
Status: active
To Action From
-- ------ ----
22/tcp LIMIT Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
27017 ALLOW [-- other server ip address that works --]
27017 ALLOW [-- local machine ip address --]
OpenSSH ALLOW Anywhere
27017 ALLOW Anywhere
27017 ALLOW [-- local public ip address --]
22/tcp (v6) LIMIT Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
OpenSSH (v6) ALLOW Anywhere (v6)
27017 (v6) ALLOW Anywhere (v6)
nmap
root@mongo:~# nmap [-- mongo server ip address --] -p 27017
Starting Nmap 7.60 ( https://nmap.org ) at 2020-08-05 17:32 UTC
Nmap scan report for mongo ([-- mongo server ip address --])
Host is up (0.000036s latency).
PORT STATE SERVICE
27017/tcp open mongod
Nmap done: 1 IP address (1 host up) scanned in 0.25 seconds
netstat -plnt
root@mongo:~# netstat -plnt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 694/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 924/sshd
tcp 0 0 [mongo ip]:27017 0.0.0.0:* LISTEN 2040/mongod
tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN 2040/mongod
tcp6 0 0 :::22 :::* LISTEN 924/sshd
On my Local PC
myusername@mb ~ % nmap [-- mongo server ip address --] -p 27017
Starting Nmap 7.80 ( https://nmap.org ) at 2020-08-05 13:30 EDT
Nmap scan report for [-- mongo server ip address --]
Host is up (0.024s latency).
PORT STATE SERVICE
27017/tcp filtered mongod
Nmap done: 1 IP address (1 host up) scanned in 0.43 seconds
There is something going on in between these machines that I haven’t caught. I need this to CRUD my production database locally.
Things I’ve tried:
- Removing and adding back the ip address from ufw
- Making 27017 allowed from anywhere (as seen above; previously restricted to only specific ips)
- Listening for connections on 27017 with nc localhost 27017 (have not heard anything)
- ufw disable - still returns filtered on local PC.
- Disabled the DynDNS
- Added 27017 to my router’s firewall.
- Testing nmap through a VPN
None of these have worked.
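An added example, not part of the original post: a check over `ufw status` output that reports whether the MongoDB port is allowed from anywhere, as in the rule list shown in the question, and which scoped sources would remain once the broad rules are removed. The sample output, the documentation-range addresses and the function names are constructed for illustration.

```python
import re

# Constructed sample in the column layout `ufw status` prints; the source
# addresses are documentation-range placeholders, not values from the post.
SAMPLE_UFW_STATUS = """\
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     LIMIT       Anywhere
80/tcp                     ALLOW       Anywhere
27017                      ALLOW       203.0.113.10
27017                      ALLOW       Anywhere
27017                      ALLOW       198.51.100.7
22/tcp (v6)                LIMIT       Anywhere (v6)
27017 (v6)                 ALLOW       Anywhere (v6)
"""

# Columns are separated by runs of two or more spaces; "(v6)" uses a single space.
RULE = re.compile(r"^(?P<to>\S.*?)\s{2,}(?P<action>ALLOW|LIMIT|DENY|REJECT)"
                  r"(?: (?:IN|OUT|FWD))?\s{2,}(?P<src>.+?)\s*$")

def parse_rules(status_text):
    """Return one dict (to, action, src) per rule line, skipping headers."""
    return [m.groupdict() for m in map(RULE.match, status_text.splitlines()) if m]

def covers_port(to_field, port):
    """True if a 'To' value such as '27017/tcp (v6)' or '27017:27019' includes port."""
    spec = to_field.split()[0].split("/")[0]
    lo, _, hi = spec.partition(":")
    if not lo.isdigit():
        return False  # named application profile such as "OpenSSH"
    return int(lo) <= port <= int(hi if hi.isdigit() else lo)

def audit_port(status_text, port):
    """Split ALLOW rules for a port into world-open rules and scoped sources."""
    hits = [r for r in parse_rules(status_text)
            if r["action"] == "ALLOW" and covers_port(r["to"], port)]
    is_any = lambda r: r["src"].startswith("Anywhere")
    return {
        "world_open": [f'{r["to"]} from {r["src"]}' for r in hits if is_any(r)],
        "scoped_sources": [r["src"] for r in hits if not is_any(r)],
    }

if __name__ == "__main__":
    print(audit_port(SAMPLE_UFW_STATUS, 27017))
```

A non-empty `world_open` list means the per-address rules are not restricting anything: the host firewall accepts the database port from every source, so access control rests entirely on MongoDB authentication.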