Connection Transport Protocols for MySQL

Programs such as ‘mysql’ and ‘mysqldump’, that use MySQL client library have the support of MySQL connection to server with the help of many transport protocols, such as TCP/IP, Unix socket file, named pipe, shared memory, and so on. Let us understand the connection transport protocols used with MySQL −

The below table shows the values permitted for --protocol and also tells the platforms where each of these values are applicable. It is to be noted that the values are not case-sensitive.

TCP/IP

TCP/IP transport supports connections to local or remote MySQL servers too.

Named-pipe transport

The named-pipe transport does allow for remote connections, but this ability hasn’t been implemented in MySQL as of now. Only support connections to local MySQL servers. It need not be TLS/SSL encrypted.

Socket-file

Socket-file transport only support connections to local MySQL servers. It can be TLS/SSL encrypted.

Shared-memory

It transports only support connections to local MySQL servers. It need not be TLS/SSL encrypted.

How to make a connection secure?

A connection is secure by default if it is established over a transport protocol which is secure by default. Else, for protocols that are TLS/SSL encrypted, a connection can be made secure using encryption −

• TCP/IP connections are not secure by default, but they can be encrypted to make them secure.

• Socket-file connections are secure by default. They can be encrypted, but it doesn’t make it any more secure and only increases CPU load.

• Named-pipe connections are not secure by default, and need not be encrypted to make them secure. But the named_pipe_full_access_group system variable is made available that helps control which MySQL users would be given permission to use named-pipe connections.

• Shared-memory connections are secure by default.