I need some clarity on how the bindIp in /etc/mongod.conf works. I started a new VM instance in Azure. I opened the port 27017 (it is open to public). I started a new MongoDB instance (version is 4.4). In /etc/mongod.conf, I added the private IP of the VM instance. So it has 127.0.0.1 and the private IP like this 10.0.x.x,127.0.0.1. I restarted the server. I did not enable authentication - thought I will do all that after application is set up.
The next day, I see lot of entries in the log like this:
{"t":{"$date":"2020-09-22T18:46:03.897+00:00"},"s":"I", "c":"NETWORK", "id":22943, "ctx":"listener","msg":"Connection accepted","attr":{"remote":"209.17.96.210:53448","connectionId":11,"connectionCount":1}}
{"t":{"$date":"2020-09-22T19:55:23.236+00:00"},"s":"I", "c":"NETWORK", "id":22943, "ctx":"listener","msg":"Connection accepted","attr":{"remote":"45.227.255.224:61000","connectionId":12,"connectionCount":1}}
{"t":{"$date":"2020-09-22T20:03:18.361+00:00"},"s":"I", "c":"NETWORK", "id":22943, "ctx":"listener","msg":"Connection accepted","attr":{"remote":"38.88.252.187:44861","connectionId":13,"connectionCount":1}}
{"t":{"$date":"2020-09-22T21:04:01.448+00:00"},"s":"I", "c":"NETWORK", "id":22943, "ctx":"listener","msg":"Connection accepted","attr":{"remote":"162.142.125.35:43268","connectionId":14,"connectionCount":1}}
{"t":{"$date":"2020-09-23T03:04:55.582+00:00"},"s":"I", "c":"NETWORK", "id":22943, "ctx":"listener","msg":"Connection accepted","attr":{"remote":"192.241.232.202:34776","connectionId":15,"connectionCount":1}}
{"t":{"$date":"2020-09-23T04:31:06.036+00:00"},"s":"I", "c":"NETWORK", "id":22943, "ctx":"listener","msg":"Connection accepted","attr":{"remote":"20.36.16.23:13312","connectionId":16,"connectionCount":1}}
Is this expected? I thought Mongo is listening only at the private IP and 127.0.0.1 and hence only someone from within the network or access to the machine will be able to connect.