MySQL对IPv6的支持包括这些功能:
.MySQL服务器可以接受客户端通过IPv6进行TCP/IP连接。例如下面的命令是在本机通过IPv6来连接MySQL服务器:
[mysql@localhost ~]$ mysql -h ::1 -uusername -ppassword
要使用这个功能必须满足以下两个条件;
.服务器操作系统必须被配置支持IPv6
.MySQL服务器缺省配置必须除了支持IPv4的连接之外还要支持IPv6的连接。为了改变缺省配置可以在启动MySQL服务器时使用合适的--bind-address选项。
.MySQL账号名允许使用IPv6地址能让DBA为通过IPv6连接到服务器的客户端指定权限。例如:
mysql> create user 'v6root'@'::1' identified by "abcd";
mysql> grant select on mysql.* to 'v6root'@'::1';
.IPv6功能支持在字符串和内部格式IPv6地址格式之间进行转换并且检查其是否为有效的IPv6地址。例如
INET6_ATON()和INET6_NTOA()类似于INET_ATON()和INET_NTOA(),但除了能处理IPv4地址之外还能处理IPv6地址。
验证操作系统是否支持IPv6
在MySQL服务器可以接受IPv6的连接之前,服务器所在操作系统主机必须支持IPv6。例如在Linux主机上执行以下命令:
[root@localhost ~]# ping6 ::1
PING ::1(::1) 56 data bytes
64 bytes from ::1: icmp_seq=1 ttl=64 time=0.100 ms
64 bytes from ::1: icmp_seq=2 ttl=64 time=0.056 ms
64 bytes from ::1: icmp_seq=3 ttl=64 time=0.035 ms
64 bytes from ::1: icmp_seq=4 ttl=64 time=0.039 ms
....
为了对操作系统网络接口生成详细的描述,执行ifconfig -a并查看输出中的IPv6地址。
[root@localhost ~]# ifconfig -a
docker0: flags=4163 mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:15ff:fe1d:e05a prefixlen 64 scopeid 0x20
ether 02:42:15:1d:e0:5a txqueuelen 0 (Ethernet)
RX packets 15 bytes 3638 (3.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 33 bytes 3825 (3.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens160: flags=4163 mtu 1500
inet 192.168.1.250 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::250:56ff:fea3:90e6 prefixlen 64 scopeid 0x20
ether 00:50:56:a3:90:e6 txqueuelen 1000 (Ethernet)
RX packets 5634313 bytes 364548809 (347.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 19054 bytes 2337541 (2.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0如果你的操作系统不支持IPv6,查看操作系统文档查找相关指令来启用IPv6。这可能只需要重新配置现有的网络接口来增加一个IPv6地址。或者需要执行更多的修改,比如使用IPv6选项来重建内核。
配置MySQL服务器允许IPv6连接
MySQL服务器对于TCP/IP连接会监听单个网络套接字。这种套接字被绑定到单个地址,但是可能一个地址映射到多个网络接口。为了指定一个地址,在服务器启动时使用--bind-address=addr选项,addr是IPv4或IPv6地址或主机名。(在MySQL 5.5.3之前不支持IPv6地址)。如果addr是主机名,服务器会解析这个主机名为一个IP地址并绑定到这个地址。
服务器对不同类型地址的处理如下:
.如果地址为*,如果服务器主机支持IPv6那么服务器可以接受来自所有服务器上所有IPv6和IPv4网络接口的TCP/IP连接,或者否则只会接受来自所有服务器上IPv4地址的TCP/IP连接。使用这个地址允许接受来自所有服务器网络接口的IPv4和IPv6连接。这个值是缺省值。
.如果地址为0.0.0.0,服务器只能接受来自所有服务器上IPv4网络接口的TCP/IP连接。
.如果地址为::,服务器接受来自所有服务器上的IPv4和IPv6网络接口的TCP/IP连接,这使用这个地址允许接受来自所有服务器网络接口的IPv4和IPv6连接。
.如果地址为IPv4映射地址,服务器接受来自这个地址的TCP/IP连接,这个地址是IPv4或IPv6格式。例如,如果服务器被绑定到::ffff:127.0.0.1,客户端可以使用--host=127.0.0.1或--host=::ffff:127.0.0.1来进行连接。
.如果地址为常规的IPv4或IPv6地址(比如127.0.0.1或::1),服务器只能接受IPv4或IPv6地址的TCP/IP连接。
如果倾向于绑定服务器到一个特定地址,确保mysql.user授权表包含一个有管理权限的用户可以使用这个地址进行连接。否则你将不能关闭服务器。例如,如果你倾向绑定服务器到*,你可以使用现有的所有账号来连接。但是如果你绑定服务器到::1,它只能接受这个地址的连接。在这种情况下,首先确保'root'@'::1'账号在mysql.user表中存在,所以可以仍然连接到服务器并关闭它。
使用IPv6本地主机地址连接MySQL服务器
下面介绍如何配置MySQL允许客户端通过IPv6(::1本地主机地址)连接到本地服务器。
1.在启动MySQL服务器时使用合适的--bind-address选项来允许服务器接受IPv6连接。例如,在my.cnf选项文件中设置bind-address并重启服务器
[mysqld]
......
bind-address=*
......
[root@localhost ~]# systemctl stop mysqld
[root@localhost ~]# systemctl start mysqld
[root@localhost ~]# systemctl status mysqld
- mysqld.service - LSB: start and stop MySQL
Loaded: loaded (/etc/rc.d/init.d/mysqld; bad; vendor preset: disabled)
Active: active (running) since 二 2020-01-14 16:56:48 CST; 5s ago
Docs: man:systemd-sysv-generator(8)Process: 23257 ExecStart=/etc/rc.d/init.d/mysqld start (code=exited, status=0/SUCCESS)
Tasks: 28Memory: 168.2M
CGroup: /system.slice/mysqld.service
|-23273 /bin/sh /mysqlsoft/mysql/bin/mysqld_safe --datadir=/mysqldata/mysql --pid-file=/mysqldata/mysql/mysqld.pid
`-23591 /mysqlsoft/mysql/bin/mysqld --basedir=/mysqlsoft/mysql --datadir=/mysqldata/mysql --plugin-dir=/mysqlsoft/mysql/lib/plugin --user=mysql --log-error=/mysqldata/mysql/mysql.err --pid-file=/mysqldata/mysql/mysqld.pid ...
1月 14 16:56:46 localhost.localdomain systemd[1]: Starting LSB: start and stop MySQL...
1月 14 16:56:48 localhost.localdomain mysqld[23257]: Starting MySQL.. SUCCESS!
1月 14 16:56:48 localhost.localdomain systemd[1]: Started LSB: start and stop MySQL.
另外,你也可以绑定服务器到::1,但这会使用服务器更加受限于TCP/IP连接。它只能接受单个IPv6地址的连接并且会拒绝IPv4的连接。
2.作为管理员,连接到服务器创建一个本地用户账号它将使用::1本地IPv6主机地址进行连接
mysql> create user 'ipv6root'@'::1' identified by "abcd";
Query OK, 0 rows affected (0.01 sec)
mysql> grant select on . to 'ipv6root'@'::1';
Query OK, 0 rows affected (0.02 sec)
3.调用mysql客户端工具使用新创建的账号连接服务器
[mysql@localhost mysql]$ mysql -h ::1 -uipv6root -pabcd mysql
mysql: [Warning] Using a password on the command line interface can be insecure.
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 7
Server version: 5.7.26-log Source distribution
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
- Other names may be trademarks of their respective
owners.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
| mysql> select host,user from user; | |
|---|---|
| host | user |
| % | csroot |
| % | root |
| ::1 | ipv6root |
| localhost | mysql.session |
| localhost | mysql.sys |
5 rows in set (0.00 sec)
4.执行status命令来显示连接信息
mysql> status
mysql Ver 14.14 Distrib 5.7.26, for Linux (x86_64) using EditLine wrapper
Connection id: 7
Current database: mysql
Current user: ipv6root@localhost
SSL: Cipher in use is DHE-RSA-AES256-SHA
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 5.7.26-log Source distribution
Protocol version: 10
Connection: ::1 via TCP/IP
Server characterset: utf8mb4
Db characterset: utf8mb4
Client characterset: gb2312
Conn. characterset: gb2312
TCP port: 3306
Uptime: 11 min 47 sec
Threads: 1 Questions: 263 Slow queries: 0 Opens: 336 Flush tables: 1 Open tables: 329 Queries per second avg: 0.371
| mysql> SELECT CURRENT_USER(), @@bind_address; | |
|---|---|
| CURRENT_USER() | @@bind_address |
| ipv6root@::1 | * |
1 row in set (0.00 sec)
使用IPv6非本地主机地址连接MySQL服务器
下面将介绍如何配置MySQL服务器允许远程主机通过IPv6来连接MySQL服务器。这类似于在本地主机使用IPv6连接MySQL服务器一样,但服务器与客户端在不同的主机上,每台主机有不同的IPv6地址。
服务器主机的IPv6地址为2018::1
[root@shard1 network-scripts]# ifconfig -a
ens160: flags=4163 mtu 1500
inet6 2018::1 prefixlen 64 scopeid 0x0
ether 00:50:56:a0:51:0c txqueuelen 1000 (Ethernet)
RX packets 27089788 bytes 2770300693 (2.5 GiB)
RX errors 0 dropped 6 overruns 0 frame 0
TX packets 6720001 bytes 532979878 (508.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
客户端主机的IPv6地址为2018::2
ens160: flags=4163 mtu 1500
inet6 2018::2 prefixlen 64 scopeid 0x0
ether 00:50:56:a0:4e:69 txqueuelen 1000 (Ethernet)
RX packets 25337245 bytes 1913014541 (1.7 GiB)
RX errors 0 dropped 127 overruns 0 frame 0
TX packets 1536650 bytes 166036937 (158.3 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0具体操作如下:
1.在启动MySQL服务器时使用合适的--bind-address选项来允许服务器接受IPv6连接。例如,在my.cnf选项文件中设置bind-address并重启服务器
[mysqld]
......
bind-address=*
......
[root@localhost ~]# systemctl stop mysqld
[root@localhost ~]# systemctl start mysqld
[root@localhost ~]# systemctl status mysqld
- mysqld.service - LSB: start and stop MySQL
Loaded: loaded (/etc/rc.d/init.d/mysqld; bad; vendor preset: disabled)
Active: active (running) since 二 2020-01-14 16:56:48 CST; 5s ago
Docs: man:systemd-sysv-generator(8)Process: 23257 ExecStart=/etc/rc.d/init.d/mysqld start (code=exited, status=0/SUCCESS)
Tasks: 28Memory: 168.2M
CGroup: /system.slice/mysqld.service
|-23273 /bin/sh /mysqlsoft/mysql/bin/mysqld_safe --datadir=/mysqldata/mysql --pid-file=/mysqldata/mysql/mysqld.pid
`-23591 /mysqlsoft/mysql/bin/mysqld --basedir=/mysqlsoft/mysql --datadir=/mysqldata/mysql --plugin-dir=/mysqlsoft/mysql/lib/plugin --user=mysql --log-error=/mysqldata/mysql/mysql.err --pid-file=/mysqldata/mysql/mysqld.pid ...
1月 14 16:56:46 localhost.localdomain systemd[1]: Starting LSB: start and stop MySQL...
1月 14 16:56:48 localhost.localdomain mysqld[23257]: Starting MySQL.. SUCCESS!
1月 14 16:56:48 localhost.localdomain systemd[1]: Started LSB: start and stop MySQL.
另外,可以绑定服务器到2018:db1:0:f01::1,但这会使用服务器更加受限于TCP/IP连接。它只能接受单个IPv6地址的连接并且会拒绝IPv4的连接。
2.在服务器中(2018::1)创建一个账号将从客户端主机(2018::2)上连接服务器
mysql> create user 'csroot'@'%' identified by "123456";
Query OK, 0 rows affected (0.01 sec)
mysql> GRANT ALL PRIVILEGES ON . TO 'csroot'@'%' IDENTIFIED BY '123456' WITH GRANT OPTION;
Query OK, 0 rows affected (0.00 sec)
3.在客户端主机上(2018::2),调用mysql客户端使用创建的新账号来连接服务器(我这时使用MariaDB作为客户端工具)
-bash-4.2$ mysql -h 2018::1 -ucsroot -p123456 mysql
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MySQL connection id is 6
Server version: 5.6.23 MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MySQL [mysql]>
4.执行status命令来显示连接信息
MySQL [mysql]> status
mysql Ver 15.1 Distrib 10.0.38-MariaDB, for Linux (x86_64) using readline 5.1
Connection id: 6
Current database: mysql
Current user: csroot@2018::2
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server: MySQL
Server version: 5.6.23 MySQL Community Server (GPL)
Protocol version: 10
Connection: 2018::1 via TCP/IP
Server characterset: latin1
Db characterset: latin1
Client characterset: gb2312
Conn. characterset: gb2312
TCP port: 3306
Uptime: 34 days 50 min 24 sec
Threads: 2 Questions: 175 Slow queries: 0 Opens: 87 Flush tables: 1 Open tables: 80 Queries per second avg: 0.000
| MySQL [mysql]> select current_user(),@@bind_address; | |
|---|---|
| current_user() | @@bind_address |
| csroot@% | * |
1 row in set (0.00 sec)
