ERROR

How to Fix MySQL Error 2003 (HY000): Can't Connect to Server

Quick Fix Summary

TL;DR

Verify the MySQL service is running and the client can reach the server's IP address and port (default 3306) through the network.

MySQL ERROR 2003 (HY000) indicates the client cannot establish a network connection to the MySQL server process. This is a fundamental connectivity failure, not an authentication error.

Diagnosis & Causes

  • MySQL service is stopped or crashed.
  • Firewall blocking port 3306 (or custom port).
  • Server is bound to localhost (127.0.0.1) only.
  • Incorrect hostname or IP in connection string.
  • Network routing or DNS resolution failure.

    • Recovery Steps

    1

    Step 1: Verify MySQL Service Status

    First, confirm the MySQL server process is actively running on the target host.

    bash 
    # On the MySQL server host
sudo systemctl status mysql
# Or for older systems
sudo service mysql status
    2

    Step 2: Check Server Network Binding

    Ensure MySQL is listening on a network interface accessible to the client, not just localhost.

    bash 
    sudo netstat -tlnp | grep mysql
# Look for a line like: tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN [PID]/mysqld
    3

    Step 3: Test Basic Network Connectivity

    From the client machine, test if you can reach the server's MySQL port using telnet or netcat.

    bash 
    telnet <server_ip> 3306
# OR
nc -zv <server_ip> 3306
    4

    Step 4: Inspect and Configure Firewall Rules

    Temporarily disable the firewall for testing, or add a rule to allow MySQL traffic.

    bash 
    # For UFW (Ubuntu)
sudo ufw allow 3306/tcp
sudo ufw reload
# For firewalld (RHEL/CentOS)
sudo firewall-cmd --permanent --add-port=3306/tcp
sudo firewall-cmd --reload
    5

    Step 5: Verify MySQL Configuration (bind-address)

    Check and modify the `bind-address` directive in the MySQL configuration file to allow remote connections.

    bash 
    sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
# Find and change:
# bind-address = 127.0.0.1
# To:
bind-address = 0.0.0.0
# Save, then restart MySQL
sudo systemctl restart mysql
    6

    Step 6: Diagnose with MySQL Client Verbose Output

    Use the MySQL client's verbose mode to get detailed error information about the connection attempt.

    bash 
    mysql --verbose --host=<server_ip> --port=3306 --user=<username> -p

    Architect's Pro Tip

    "In cloud environments (AWS, GCP), ERROR 2003 is often a Security Group or VPC firewall rule issue, not the host's local firewall. Always check the cloud console first."

    Frequently Asked Questions

    I fixed bind-address and opened the firewall, but still get ERROR 2003. What's next?

    Check if the server has multiple network interfaces (public/private). The client must use the IP address of the interface where MySQL is bound. Also, verify the user's host permission in MySQL (`GRANT` statements) allows connection from the client's specific IP or '%'.

    What's the difference between ERROR 2003 and ERROR 1045?

    ERROR 2003 is a network-layer failure: 'Can't connect to server'. ERROR 1045 is an application-layer failure: 'Access denied'. If you get 1045, you've successfully connected to the MySQL process but failed authentication.

    Related MySQL Guides

    ERROR 1040

    How to Fix MySQL Error 1040: Too Many Connections
    ERROR 1062

    How to Fix MySQL ERROR 1062: Duplicate Entry
    ERROR 1205 (HY000)

    How to Fix MySQL Error 1205: Lock Wait Timeout Exceeded