MySQL 5.7 Reference Manual Including MySQL NDB Cluster 7.5 and NDB Cluster 7.6
For programs that use the MySQL client library (for example, mysql and mysqldump), MySQL supports connections to the server based on several transport protocols: TCP/IP, Unix socket file, named pipe, and shared memory. This section describes how to select these protocols, and how they are similar and different.
For a given connection, if the transport protocol is not
specified explicitly, it is determined implicitly. For example,
connections to localhost
result in a socket
file connection on Unix and Unix-like systems, and a TCP/IP
connection to 127.0.0.1
otherwise. For
additional information, see Section 4.2.4, “Connecting to the MySQL Server Using Command Options”.
To specify the protocol explicitly, use the
--protocol
command option. The
following table shows the permissible values for
--protocol
and indicates the
applicable platforms for each value. The values are not
case-sensitive.
--protocol Value |
Transport Protocol Used | Applicable Platforms |
---|---|---|
TCP |
TCP/IP | All |
SOCKET |
Unix socket file | Unix and Unix-like systems |
PIPE |
Named pipe | Windows |
MEMORY |
Shared memory | Windows |
TCP/IP transport supports connections to local or remote MySQL servers.
Socket-file, named-pipe, and shared-memory transports support connections only to local MySQL servers. (Named-pipe transport does allow for remote connections, but this capability is not implemented in MySQL.)
If the transport protocol is not specified explicitly,
localhost
is interpreted as follows:
On Unix and Unix-like systems, a connection to
localhost
results in a socket-file
connection.
Otherwise, a connection to localhost
results in a TCP/IP connection to
127.0.0.1
.
If the transport protocol is specified explicitly,
localhost
is interpreted with respect to that
protocol. For example, with
--protocol=TCP
, a connection to
localhost
results in a TCP/IP connection to
127.0.0.1
on all platforms.
TCP/IP and socket-file transports are subject to TLS/SSL encryption, using the options described in Command Options for Encrypted Connections. Named-pipe and shared-memory transports are not subject to TLS/SSL encryption.
A connection is secure by default if made over a transport protocol that is secure by default. Otherwise, for protocols that are subject to TLS/SSL encryption, a connection may be made secure using encryption:
TCP/IP connections are not secure by default, but can be encrypted to make them secure.
Socket-file connections are secure by default. They can also be encrypted, but encrypting a socket-file connection makes it no more secure and increases CPU load.
Named-pipe connections are not secure by default, and are
not subject to encryption to make them secure. However, the
named_pipe_full_access_group
system variable is available to control which MySQL users
are permitted to use named-pipe connections.
Shared-memory connections are secure by default.
If the require_secure_transport
system variable is enabled, the server permits only connections
that use some form of secure transport. Per the preceding
remarks, connections that use TCP/IP encrypted using TLS/SSL, a
socket file, or shared memory are secure connections. TCP/IP
connections not encrypted using TLS/SSL and named-pipe
connections are not secure.
All transport protocols are subject to use of compression on the traffic between the client and server. If both compression and encryption are used for a given connection, compression occurs before encryption. For more information, see Section 4.2.6, “Connection Compression Control”.