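FWIW, I posted a related programming question on Stack Overflow.
I installed Linux Mint on VirtualBox to test the Redis server I installed.
The Linux machine is connected to the local network through a bridged adapter.
I installed a Redis server on that Linux machine, but I need to access it from the Windows (host) machine.
On the Linux machine, the Redis server is running on port 6379, which I need to expose...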
$ netstat -nlt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp6 0 0 ::1:6379 :::* LISTEN
tcp6 0 0 ::1:631 :::* LISTEN
From the Windows machine:
C:\Users\myUser>nmap 10.14.30.51
Starting Nmap 7.70 ( https://nmap.org )
Nmap scan report for 10.14.30.51
Host is up (0.00s latency).
All 1000 scanned ports on 10.14.30.51 are closed
MAC Address: 08:00:27:98:94:49 (Oracle VirtualBox virtual NIC)
Nmap done: 1 IP address (1 host up) scanned in 0.56 seconds
But when I scan the specific port, it shows:
C:\Users\my-user>nmap -p 6379 10.14.30.51
...
Nmap scan report for 10.14.30.51
Host is up (0.0010s latency).
PORT STATE SERVICE
6379/tcp filtered redis
MAC Address: 08:00:27:98:94:49 (Oracle VirtualBox virtual NIC)
Nmap done: 1 IP address (1 host up) scanned in 0.80 seconds
Now:
$ netstat -nlt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp6 0 0 ::1:6379 :::* LISTEN
tcp6 0 0 ::1:631 :::* LISTEN
The connection log I have:
10.14.30.51:6379,abortConnect=False
Connecting 10.14.30.51:6379/Interactive...
BeginConnect: 10.14.30.51:6379
1 unique nodes specified
Requesting tie-break from 10.14.30.51:6379 > __Booksleeve_TieBreak...
Allowing endpoints 00:00:05 to respond...
Awaiting task completion, IOCP: (Busy=0,Free=1000,Min=4,Max=1000), WORKER: (Busy=1,Free=8190,Min=4,Max=8191)
Not all tasks completed cleanly (from ReconfigureAsync#1524, timeout 5000ms), IOCP: (Busy=0,Free=1000,Min=4,Max=1000), WORKER: (Busy=4,Free=8187,Min=4,Max=8191)
10.14.30.51:6379 did not respond
Waiting for tiebreakers...
Awaiting task completion, IOCP: (Busy=0,Free=1000,Min=4,Max=1000), WORKER: (Busy=4,Free=8187,Min=4,Max=8191)
connection failed: 10.14.30.51:6379 (Subscription, UnableToConnect): UnableToConnect on 10.14.30.51:6379/Subscription, Initializing/NotStarted, last: NONE, origin: BeginConnectAsync, outstanding: 0, last-read: 5s ago, last-write: 5s ago, keep-alive: 60s, state: Connecting, mgr: 10 of 10 available, last-heartbeat: never, global: 0s ago, v: 2.0.601.3402
connection failed: 10.14.30.51:6379 (Interactive, UnableToConnect): UnableToConnect on 10.14.30.51:6379/Interactive, Initializing/NotStarted, last: NONE, origin: BeginConnectAsync, outstanding: 0, last-read: 5s ago, last-write: 5s ago, keep-alive: 60s, state: Connecting, mgr: 10 of 10 available, last-heartbeat: never, global: 0s ago, v: 2.0.601.3402
Finished awaiting tasks, IOCP: (Busy=2,Free=998,Min=4,Max=1000), WORKER: (Busy=3,Free=8188,Min=4,Max=8191)
10.14.30.51:6379 failed to nominate (Faulted)
> UnableToConnect on 10.14.30.51:6379/Interactive, Initializing/NotStarted, last: NONE, origin: BeginConnectAsync, outstanding: 0, last-read: 5s ago, last-write: 5s ago, keep-alive: 60s, state: Connecting, mgr: 10 of 10 available, last-heartbeat: never, global: 0s ago, v: 2.0.601.3402
No masters detected
10.14.30.51:6379: Standalone v2.0.0, master; keep-alive: 00:01:00; int: Connecting; sub: Connecting; not in use: DidNotRespond
10.14.30.51:6379: int ops=0, qu=0, qs=0, qc=0, wr=0, socks=2; sub ops=0, qu=0, qs=0, qc=0, wr=0, socks=2
Circular op-count snapshot; int: 0 (0,00 ops/s; spans 10s); sub: 0 (0,00 ops/s; spans 10s)
Sync timeouts: 0; async timeouts: 0; fire and forget: 0; last heartbeat: -1s ago
resetting failing connections to retry...
retrying; attempts left: 2...
1 unique nodes specified
Requesting tie-break from 10.14.30.51:6379 > __Booksleeve_TieBreak...
Allowing endpoints 00:00:05 to respond...
Awaiting task completion, IOCP: (Busy=2,Free=998,Min=4,Max=1000), WORKER: (Busy=2,Free=8189,Min=4,Max=8191)
Finished awaiting tasks, IOCP: (Busy=0,Free=1000,Min=4,Max=1000), WORKER: (Busy=3,Free=8188,Min=4,Max=8191)
10.14.30.51:6379 faulted: UnableToConnect on 10.14.30.51:6379/Interactive, Initializing/NotStarted, last: NONE, origin: BeginConnectAsync, outstanding: 0, last-read: 0s ago, last-write: 0s ago, keep-alive: 60s, state: Connecting, mgr: 10 of 10 available, last-heartbeat: never, global: 0s ago, v: 2.0.601.3402
Waiting for tiebreakers...
All tasks are already complete
10.14.30.51:6379 failed to nominate (Faulted)
> UnableToConnect on 10.14.30.51:6379/Interactive, Initializing/NotStarted, last: NONE, origin: BeginConnectAsync, outstanding: 0, last-read: 0s ago, last-write: 0s ago, keep-alive: 60s, state: Connecting, mgr: 10 of 10 available, last-heartbeat: never, global: 0s ago, v: 2.0.601.3402
No masters detected
10.14.30.51:6379: Standalone v2.0.0, master; keep-alive: 00:01:00; int: Disconnected; sub: Disconnected; not in use: DidNotRespond
10.14.30.51:6379: int ops=0, qu=0, qs=0, qc=0, wr=0, socks=2; sub ops=0, qu=0, qs=0, qc=0, wr=0, socks=2
Circular op-count snapshot; int: 0 (0,00 ops/s; spans 10s); sub: 0 (0,00 ops/s; spans 10s)
Sync timeouts: 0; async timeouts: 0; fire and forget: 0; last heartbeat: -1s ago
resetting failing connections to retry...
retrying; attempts left: 1...
1 unique nodes specified
Requesting tie-break from 10.14.30.51:6379 > __Booksleeve_TieBreak...
Allowing endpoints 00:00:05 to respond...
Awaiting task completion, IOCP: (Busy=0,Free=1000,Min=4,Max=1000), WORKER: (Busy=2,Free=8189,Min=4,Max=8191)
Not all tasks completed cleanly (from ReconfigureAsync#1524, timeout 5000ms), IOCP: (Busy=0,Free=1000,Min=4,Max=1000), WORKER: (Busy=4,Free=8187,Min=4,Max=8191)
10.14.30.51:6379 did not respond
Waiting for tiebreakers...
Awaiting task completion, IOCP: (Busy=0,Free=1000,Min=4,Max=1000), WORKER: (Busy=5,Free=8186,Min=4,Max=8191)
Finished awaiting tasks, IOCP: (Busy=0,Free=1000,Min=4,Max=1000), WORKER: (Busy=3,Free=8188,Min=4,Max=8191)
10.14.30.51:6379 failed to nominate (Faulted)
> UnableToConnect on 10.14.30.51:6379/Interactive, Initializing/NotStarted, last: NONE, origin: BeginConnectAsync, outstanding: 0, last-read: 5s ago, last-write: 5s ago, keep-alive: 60s, state: Connecting, mgr: 10 of 10 available, last-heartbeat: never, global: 5s ago, v: 2.0.601.3402
No masters detected
10.14.30.51:6379: Standalone v2.0.0, master; keep-alive: 00:01:00; int: Disconnected; sub: Disconnected; not in use: DidNotRespond
10.14.30.51:6379: int ops=0, qu=0, qs=0, qc=0, wr=0, socks=3; sub ops=0, qu=0, qs=0, qc=0, wr=0, socks=3
Circular op-count snapshot; int: 0 (0,00 ops/s; spans 10s); sub: 0 (0,00 ops/s; spans 10s)
Sync timeouts: 0; async timeouts: 0; fire and forget: 0; last heartbeat: -1s ago
Starting heartbeat...
My redis.conf file (uncommented lines only):
protected-mode yes
port 6379
tcp-backlog 511
tcp-keepalive 300
supervised no
pidfile /var/run/redis_6379.pid
loglevel notice
logfile ""
databases 16
always-show-logo yes
save 900 1
save 300 10
save 60 10000
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
dir ./
################################# REPLICATION #################################
replica-serve-stale-data yes
replica-read-only yes
repl-diskless-sync no
repl-diskless-sync-delay 5
repl-disable-tcp-nodelay no
replica-priority 100
################################## SECURITY ###################################
requirepass redisdis
############################# LAZY FREEING ####################################
lazyfree-lazy-eviction no
lazyfree-lazy-expire no
lazyfree-lazy-server-del no
replica-lazy-flush no
############################## APPEND ONLY MODE ###############################
appendonly no
appendfilename "appendonly.aof"
appendfsync everysec
no-appendfsync-on-rewrite no
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
aof-load-truncated yes
aof-use-rdb-preamble yes
################################ LUA SCRIPTING ###############################
lua-time-limit 5000
################################## SLOW LOG ###################################
slowlog-max-len 128
################################ LATENCY MONITOR ##############################
latency-monitor-threshold 0
############################# EVENT NOTIFICATION ##############################
notify-keyspace-events ""
############################### ADVANCED CONFIG ###############################
list-max-ziplist-size -2
list-compress-depth 0
set-max-intset-entries 512
zset-max-ziplist-entries 128
zset-max-ziplist-value 64
hll-sparse-max-bytes 3000
stream-node-max-bytes 4096
stream-node-max-entries 100
activerehashing yes
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit replica 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
hz 10
dynamic-hz yes
aof-rewrite-incremental-fsync yes
rdb-save-incremental-fsync yes
Answer 1
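As the Local Address column indicates, your Redis server is only listening for connections to the "localhost" addresses (i.e. 127.0.0.1 and [::1]). However, you are connecting to the address 10.14.30.51, on which nothing is listening for connections.
This is just part of the Redis security model: it is not designed for network use and does not require a password by default, instead preferring network-level protection (listening addresses, firewall rules) so that other hosts cannot connect to the service at all. (Because if they could, all those open Redis installations would become DDoS-generating machines, as has already happened several times with Memcached.)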
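To make Redis accessible over the network, follow the previously linked article. The main points are:
- Make sure the Linux system will not be reachable from the Internet on the Redis port. Your home router probably provides a firewall that blocks incoming connections (and the server also has a private IP address), but regardless, this should not be forgotten when configuring any server.
- Enable Redis password authentication using the redis.conf option requirepass.
- Finally, remove the redis.conf bind configuration options (e.g. bind 127.0.0.1 or bind ::1), which tell it to listen for connections only on specific addresses. After that, your netstat command should report Redis listening on the "all zeros" addresses 0.0.0.0 and [::].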
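The checks described in the answer above (which address Redis listens on, whether bind lines are present, whether requirepass is set), as an added Python example that is not part of the original answer. The function names and sample inputs are constructed for illustration and modelled on the netstat output in the question; it flags the one combination the answer warns about, a network-reachable listener with no password.

```python
import ipaddress

def parse_conf(text):
    """Map each uncommented redis.conf directive to its list of argument strings."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            key, _, args = line.partition(" ")
            conf.setdefault(key.lower(), []).append(args.strip())
    return conf

def listeners(netstat_text, port):
    """Local addresses in LISTEN state on `port`, taken from `netstat -nlt` output."""
    found = []
    for line in netstat_text.splitlines():
        cols = line.split()
        if len(cols) == 6 and cols[0].startswith("tcp") and cols[5] == "LISTEN":
            addr, _, p = cols[3].rpartition(":")  # also splits "::1:6379" and ":::6379"
            if p == str(port):
                found.append(ipaddress.ip_address(addr))
    return found

def audit(conf_text, netstat_text):
    """Classify how the Redis port is exposed and whether a password is configured."""
    conf = parse_conf(conf_text)
    port = int(conf.get("port", ["6379"])[-1])
    addrs = listeners(netstat_text, port)
    if not addrs:
        exposure = "not-listening"
    elif all(a.is_loopback for a in addrs):
        exposure = "loopback-only"   # the state in the question: other hosts cannot connect
    else:
        exposure = "network"         # 0.0.0.0 / [::] or a specific non-loopback address
    has_pass = any(conf.get("requirepass", []))
    return {"port": port, "exposure": exposure, "bind": conf.get("bind", []),
            "requirepass_set": has_pass, "needs_attention": exposure == "network" and not has_pass}

# Constructed sample input, modelled on the netstat output and redis.conf in the question.
NETSTAT_LOOPBACK = """tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN
tcp6 0 0 ::1:6379 :::* LISTEN"""
NETSTAT_ALL = "tcp 0 0 0.0.0.0:6379 0.0.0.0:* LISTEN\ntcp6 0 0 :::6379 :::* LISTEN\n"
CONF_WITH_PASS = "port 6379\nrequirepass <placeholder-password>\n"
CONF_NO_PASS = "port 6379\n# requirepass <placeholder-password>\n"

if __name__ == "__main__":
    print(audit(CONF_WITH_PASS, NETSTAT_LOOPBACK), audit(CONF_NO_PASS, NETSTAT_ALL), sep="\n")
```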