XtraDB Cluster behind NAT

MySQL & MariaDB Percona XtraDB Cluster 5.x
1

Hi,

i want start XtraDB Cluster behind NAT with change ports.

For example i have HOST with IP 5.5.5.5 and XtraDB Cluster node behind NAT with ip 10.10.10.10 and ports

5.5.5.5:31082 → 10.10.10.10:3306
5.5.5.5:31083 → 10.10.10.10:4444
5.5.5.5:31084 → 10.10.10.10:4567
5.5.5.5:31085 → 10.10.10.10:4568

What i must add to my.cnf config if i want connect to exist cluster cluster.com (cluster cant connect to 10.10.10.10 without port forwarding)? Is anything else except wsrep_sst_receive_address and ist.recv_addr?

[mysqld_safe]
socket = /var/run/mysqld/mysqld.sock
nice = 0

[mysqld]
user = mysql
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
lc-messages-dir = /usr/share/mysql
skip-external-locking

innodb_log_file_size=48M

binlog_format=ROW
wsrep_cluster_address=gcomm://cluster.com
wsrep_sst_auth=sst:xxx
wsrep_provider=/usr/lib/galera3/libgalera_smm.so

# default 4444
wsrep_sst_receive_address = 5.5.5.5:31083

# ist.recv_addr - default 4568 - This variable specifies the address on which nodes listens for Incremental State Transfer (IST).
wsrep_provider_options = "ist.recv_addr=tcp://5.5.5.5:31085;"

bind-address = *
2

Hi my friend …

I don’t know if I am the only one interpreting this like this … but here it goes …
According to what you wrote on the TOP .

5.5.5.5:31082 → 10.10.10.10:3306
5.5.5.5:31083 → 10.10.10.10:4444
5.5.5.5:31084 → 10.10.10.10:4567
5.5.5.5:31085 → 10.10.10.10:4568

On your NAT you are already forwarding the non standard ports to the standard ports .
Now if what you want to do is used the non standard ports on the configuration let us know.

If your table above is correct and my interpretation is correct you just need to program your firewall or NAT for the port forwarding that’s all.
Thanks
Ed

3

Thanks for your reply. Port forwarding is ok. Problem is in my configuration. Now i know problem is with port 4444.

4

If i use this port forwarding (and delete from config file port :31083), is everything ok
5.5.5.5:31082 → 10.10.10.10:3306
5.5.5.5:4444 → 10.10.10.10:4444
5.5.5.5:31084 → 10.10.10.10:4567
5.5.5.5:31085 → 10.10.10.10:4568

But if i use this so i got connection refused :frowning:
5.5.5.5:31082 → 10.10.10.10:3306
5.5.5.5:31083 → 10.10.10.10:4444
5.5.5.5:31084 → 10.10.10.10:4567
5.5.5.5:31085 → 10.10.10.10:4568

Dump from HOST

dock015:~ # tcpdump -ni eth0 port 4444 or port 31083
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
09:37:41.430298 IP 10.22.1.29.50594 > 10.22.1.30.31083: Flags [S], seq 906761535, win 29200, options [mss 1460,sackOK,TS val 160487813 ecr 0,nop,wscale 8], length 0
09:37:41.430389 IP 10.22.1.30.31083 > 10.22.1.29.50594: Flags [R.], seq 0, ack 906761536, win 0, length 0

Dump behind NAT and port forwarding:

root@17dc6ec090d0:/# tcpdump -ni eth0 port 4444 or port 31083
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
08:37:41.430336 IP 10.22.1.29.50594 > 172.17.0.16.4444: Flags [S], seq 906761535, win 29200, options [mss 1460,sackOK,TS val 160487813 ecr 0,nop,wscale 8], length 0
08:37:41.430364 IP 172.17.0.16.4444 > 10.22.1.29.50594: Flags [R.], seq 0, ack 906761536, win 0, length 0

Config file is in my 1st post in this thread. Any idea what is wrong?