Programs such as ‘mysql’ and ‘mysqldump’, that use MySQL client library have the support of MySQL connection to server with the help of many transport protocols, such as TCP/IP, Unix socket file, named pipe, shared memory, and so on. Let us understand the connection transport protocols used with MySQL −
The below table shows the values permitted for --protocol and also tells the platforms where each of these values are applicable. It is to be noted that the values are not case-sensitive.
| --protocol value | Transport protocol used | Applicable platforms |
|---|---|---|
| TCP | TCP/IP | All |
| SOCKET | Unix socket file | Unix and Unix-like systems |
| PIPE | Named pipe | Windows |
| MEMORY | Shared memory | Windows |
TCP/IP
TCP/IP transport supports connections to local or remote MySQL servers too.
Named-pipe transport
The named-pipe transport does allow for remote connections, but this ability hasn’t been implemented in MySQL as of now. Only support connections to local MySQL servers. It need not be TLS/SSL encrypted.
Socket-file
Socket-file transport only support connections to local MySQL servers. It can be TLS/SSL encrypted.
Shared-memory
It transports only support connections to local MySQL servers. It need not be TLS/SSL encrypted.
How to make a connection secure?
A connection is secure by default if it is established over a transport protocol which is secure by default. Else, for protocols that are TLS/SSL encrypted, a connection can be made secure using encryption −
TCP/IP connections are not secure by default, but they can be encrypted to make them secure.
Socket-file connections are secure by default. They can be encrypted, but it doesn’t make it any more secure and only increases CPU load.
Named-pipe connections are not secure by default, and need not be encrypted to make them secure. But the named_pipe_full_access_group system variable is made available that helps control which MySQL users would be given permission to use named-pipe connections.
Shared-memory connections are secure by default.