Traccar MariaDB Connection Timeout Troubleshooting Summary
- Commands to check connection timeout from Laravel server
Run these commands on your Laravel server.
Check ping
ping 13.126.68.234
Stop ping using:
CTRL + C
Note: Ping can fail if ICMP is blocked. So ping is not the final test.
Check MySQL port 3306 on public IP
nc -vz 13.126.68.234 3306
Check MySQL port 3306 on private IP
nc -vz 172.31.34.212 3306
If nc command is missing
sudo apt update
sudo apt install netcat-openbsd -y
Test MySQL login from Laravel server
mysql -h 172.31.34.212 -P 3306 -u traccar -p traccar
or public IP test:
mysql -h 13.126.68.234 -P 3306 -u traccar -p traccar
After login:
SHOW TABLES;
- Meaning of timeout
You received:
nc: connect to 172.31.34.212 port 3306 (tcp) failed: Connection timed out
This means:
Laravel server cannot reach Traccar DB server on port 3306.
Since MariaDB is already listening on:
0.0.0.0:3306
the problem is mostly:
AWS Security Group
UFW firewall
iptables firewall
Network ACL
Different VPC/routing issue
- Commands to check MariaDB on Traccar server
Run these commands on the Traccar DB server.
Check MariaDB is listening on 3306
sudo ss -tulnp | grep 3306
Expected output:
0.0.0.0:3306
Your output is already correct.
Check MariaDB service status
sudo systemctl status mariadb
or:
sudo systemctl status mysql
Restart MariaDB if needed
sudo systemctl restart mariadb
or:
sudo systemctl restart mysql
- Commands to resolve firewall issue on Traccar server
Run on Traccar DB server.
Check UFW status
sudo ufw status
Allow Laravel server private IP
sudo ufw allow from 172.31.6.53 to any port 3306
sudo ufw reload
Check UFW again
sudo ufw status numbered
- Commands to check iptables on Traccar server
sudo iptables -L -n
Check only MySQL related rules:
sudo iptables -L -n | grep 3306
Check if any DROP rule exists:
sudo iptables -L -n | grep DROP
Temporary allow rule for testing:
sudo iptables -I INPUT -p tcp -s 172.31.6.53 --dport 3306 -j ACCEPT
Then test again from Laravel server:
nc -vz 172.31.34.212 3306
- AWS Security Group rule to add
In AWS Console, go to:
EC2 > Traccar Server > Security > Security Group > Inbound Rules
Add this inbound rule:
Type: MySQL/Aurora
Protocol: TCP
Port: 3306
Source: 172.31.6.53/32
Better option:
Source: Laravel server Security Group ID
Do not open MySQL to:
0.0.0.0/0
- DB user permission commands
Run on Traccar DB server.
mysql -u root -p
Check existing Traccar user:
SELECT user, host FROM mysql.user WHERE user='traccar';
Create user for Laravel private IP:
CREATE USER 'traccar'@'172.31.6.53' IDENTIFIED BY 'NEW_STRONG_PASSWORD';
Read-only permission:
GRANT SELECT ON traccar.* TO 'traccar'@'172.31.6.53';
FLUSH PRIVILEGES;
Read/write permission if needed:
GRANT SELECT, INSERT, UPDATE, DELETE ON traccar.* TO 'traccar'@'172.31.6.53';
FLUSH PRIVILEGES;
Check grants:
SHOW GRANTS FOR 'traccar'@'172.31.6.53';
- Final testing commands
Run on Laravel server after firewall/AWS fix.
Test port
nc -vz 172.31.34.212 3306
Expected output:
Connection to 172.31.34.212 3306 port [tcp/mysql] succeeded
Test MySQL login
mysql -h 172.31.34.212 -P 3306 -u traccar -p traccar
Inside MySQL:
SHOW TABLES;
- Laravel .env update
Use private IP:
TRACCAR_DB_HOST=172.31.34.212
TRACCAR_DB_PORT=3306
TRACCAR_DB_DATABASE=traccar
TRACCAR_DB_USERNAME=traccar
TRACCAR_DB_PASSWORD=NEW_STRONG_PASSWORD
Then clear Laravel cache:
php artisan config:clear
php artisan cache:clear
Test in Laravel:
php artisan tinker
Inside tinker:
DB::connection('mysqlTraccar')->select('SHOW TABLES');
- Best final setup
Use this:
Laravel Server Private IP: 172.31.6.53
Traccar DB Server Private IP: 172.31.34.212
MariaDB Port: 3306
Connection: Private AWS network
Most important fix:
Allow inbound MySQL/Aurora port 3306 in Traccar server AWS Security Group from 172.31.6.53/32.
Top comments (0)