Score:0

Server

MySQL connector/ODBC connection error following a DNS mismatch

wiltomap

6/24/23, 2:28 PM

I have troubles configuring a new MySQL connection with ODBC Data Sources (64bits) utility on a Windows Server 2019. I'm using MySQL Workbench to define remote accesses as follow:

The user is granted a SELECT only access:

I have noticed that the server from which I need to initiate the connection (srv-bo) has a static IP address that had already been used in the past by another server (srv-mooc). The ancient remote server entry persisted in the domain controller DNS, so I deleted it. Since then, the ODBC Data Sources (64bits) utility keeps trying to connect with the ancient server's name (srv-mooc)... It seems that some connection informations are kept in memories somewhere but I can't figure it out.

So far, I have tried to flush the DNS cache on my Windows Server 2019 from which I initiate the connection. I have also tried to set up the connection from another user session and after server reboot. Issue is still there:

Error message:

The user credentials work fine from another Windows Server 2019, so connection details are good.

Any idea to help?

Thomas

131

0 + 0

mysql

odbc

windows-server-2019

vidarlo

6/28/23, 9:31 AM

It appears that the user is not allowed to log in from the host it's connecting from. This would explain why it works from another machine. How is the user defined server side? https://www.javatpoint.com/mysql-show-users

0

Reply

wiltomap

6/28/23, 10:23 AM

Thanks. The user is allowed, actually. I have authorized the `srv-abc` only server from which the user can access to the DB. If I remove this filter and authorize any servers, the issue is not there anymore... It seems indeed that it is a DNS issue.

0

Reply

vidarlo

6/28/23, 1:04 PM

The error message says that the user is connecting from `srv-mooc.siveer.fr`...

0

Reply

wiltomap

6/28/23, 1:29 PM

Sorry I have edited my initial post to make it clearer.

0

Reply

vidarlo

6/28/23, 10:22 PM

No reason to be sorry :) My questions was to make the question better - and thus make it more likely that you get a good answer :) It's easy to overlook details in what we write!

0

Reply

Manu

7/1/23, 4:56 PM

can you do a reverse DNS lookup? Don't know if necessary, but may be. Write the srv-bo% in small letters... just in case ;)

0

Reply

wiltomap

7/2/23, 11:40 AM

Reverse DNS lookup is fine and pointing on the right server name. `srv-bo%` in lower case does not change anything...

0

Reply

Mike

7/2/23, 8:20 PM

Is the MySQL server bound to a specific IP range?

0

Reply

wiltomap

7/3/23, 7:09 AM

Yes it does, but it is a 254 addresses classic range, in which both servers (ancient and actual ones) are included.

0

Reply

Score:1

Server

Brandon Xavier

7/3/23, 9:28 PM

It's quite possible MySQL is maintaining an internal DNS cache of hosts. For a quick and dirty test, try SET GLOBAL host_cache_size=0; on the server (if DNS load is a concern, remember to reset it to a non-zero value after testing).

Edit: For a 5.5 MySQL try a FLUSH HOSTS;

References: https://dev.mysql.com/doc/refman/8.0/en/host-cache.html#host-cache-flushing http://download.nust.na/pub6/mysql/doc/refman/5.5/en/dns.html

0 + 0

wiltomap

7/4/23, 8:24 AM

Good idea! ...but (sorry) the `mysql.host` table on the remote server is empty (I guess the `host_cache_size` is already set to 0). On the server from which I initiate the connection, I have no MySQL local instance.

0

Reply

Brandon Xavier

7/4/23, 2:48 PM

If you're checking the tables manually, you'll want to look at `mysql.host_cache` as opposed to `mysql.host`

0

Reply

wiltomap

7/4/23, 2:57 PM

I don't have such a table... The MySQL version is 5.5.62.

0

Reply

Brandon Xavier

7/4/23, 3:28 PM

See edits for 5.5 MySQL (which would have been handy to know beforehand:-)

0

Reply

Brandon Xavier

7/7/23, 4:42 PM

One final comment, `host_cache` is actually exposed (in versions >= 5.6) thru the `performance_schema` pseudo DB not thru `mysql` (it maps in-memory data structures to SQL-like tables)

0

Reply

Score:0

Server

Zhivko Zhelev

6/28/23, 1:53 PM

You can try to edit this file C:\Windows\System32\drivers\etc\hosts in which are stored all local DNS records. Also please check what is the answer of the current DNS server Windows uses, looks like it has a PTR record somewhere.

0 + 0

wiltomap

6/28/23, 3:01 PM

`hosts` file is the default one I guess (all lines are commented and no `srv-mooc`). I find no entry at all within Domain Controller DNS. `nslookup` command returns the name of the right server, not the ancient one. I find no PTR record, anywhere...

0

Reply

Zhivko Zhelev

6/28/23, 3:23 PM

When you creating the rule to block other connections how you specify host name of the allowed one?

0

Reply

wiltomap

6/28/23, 3:46 PM

I entered `srv-bo%` as I need another server named `srv-bo-rct` to be able to connect. I tried to enter `srv-bo` without the wildcard, but issue persists.

0

Reply

Zhivko Zhelev

6/28/23, 4:02 PM

I'm not sure how this will work. I suggest you to just allow both hosts separately with the full name, this should do the job. Please check the answer.

0

Reply

wiltomap

6/28/23, 4:06 PM

No it doesn't. As I wrote in my previous comment, I tried with entering `srv-bo` alone and I get the same error.

0

Reply

Zhivko Zhelev

6/28/23, 4:08 PM

```GRANT ALL PRIVILEGES ON yourDB.* TO srv-mooc@'srv-mooc.siveer.fr' IDENTIFIED BY 'password';``` like this right?

0

Reply

wiltomap

6/28/23, 4:10 PM

I'm using *MySQL Workbench* to define remote accesses. So this is defined within this application interface, inside filtering field.

0

Reply

wiltomap

6/28/23, 4:19 PM

Just updated initial post with screenshots for *MySQL Workbench*.

0

Reply

Zhivko Zhelev

6/28/23, 4:23 PM

yep better, please enter ```hostname``` in command prompt on the windows server

0

Reply

Zhivko Zhelev

6/28/23, 4:40 PM

and is it possible to just create two different users for the db and specify the full hostnames?

0

Reply

wiltomap

7/1/23, 7:44 AM

`hostname` command returns `SRV-BO` as expected. Creating a new user filtered from `SRV-BO` only gives the same error. I have also tried to authorize any server by entering wildcard `%` only, without anymore success...

0

Reply

Zhivko Zhelev

7/1/23, 12:35 PM

try giving more permissions to this user ```srv-bo```

0

Reply

wiltomap

7/1/23, 12:52 PM

Same result, unfortunately...

0

Reply

Zhivko Zhelev

7/1/23, 2:48 PM

I think something is messed up with DNS settings, you said when you deleted this old record after that problem appear, so please check them again

0

Reply

wiltomap

7/1/23, 3:32 PM

The issue always occured, either before and after deleting the unwanted DNS entry. I think that I shouldn't have tried to initiate the connection before deleting DNS entry. As I wrote in my post, I think some kind of cache is stored somewhere but not in usual locations or files...

0

Reply

Zhivko Zhelev

7/1/23, 3:37 PM

This is weirs because all dns queries have a ttl(time to live) which can be maximum 3600 seconds and if this time pass it should resolve new hostname... Idea: create a CNAME record from ```srv-mooc.siveer.fr to srv-bo.siveer.fr and see if this gonna work

0

Reply

Score:0

Server

wiltomap

7/7/23, 8:17 AM

After loads of searches and precious help in the various comments, I eventually managed to solve the issue by executing a FLUSH HOSTS; SQL query within query editor on the remote server.

See MySQL 5.5 documentation here.

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: MySQL connector/ODBC connection error following a DNS mismatch

TH: ข้อผิดพลาดการเชื่อมต่อตัวเชื่อมต่อ MySQL/ODBC หลังจาก DNS ไม่ตรงกัน

RO: Eroare de conectare a conectorului MySQL/ODBC în urma unei nepotriviri DNS

RU: Ошибка подключения соединителя MySQL/ODBC из-за несоответствия DNS

VI: Trình kết nối MySQL/lỗi kết nối ODBC sau khi DNS không khớp

MySQL connector/ODBC connection error following a DNS mismatch

Post an answer