MQTT Messaging Management

Solace PubSub+ message brokers support the OASIS MQTT 3.1.1 standard to meet the needs of connected devices and mobile applications that need an efficient way to send and receive information that requires very little bandwidth, client-side processing power and/or bandwidth. The message broker works with any third-party MQTT 3.1.1 compliant client API, including open source APIs available through Eclipse initiative called Paho.

Solace PubSub+ message brokers support the following transports for the MQTT service: Plain-Text, SSL, WebSocket, and WebSocket Secure.

MQTT clients can connect to a Solace PubSub+ appliance using IPv4 or IPv6. To connect using IPv6, the appliance's message-backbone needs to be configured with an IPv6 global unicast or unique local address. For more information on configuring appliance IP interfaces and addresses, refer to Configuring Appliance IP Interfaces.

Managing the MQTT Service

MQTT service on a Solace PubSub+ message broker can be configured on a per-Message VPN level.

You can configure the following settings for MQTT service.

Setting Listen Ports

You must configure a TCP port number for MQTT clients to use when connecting to a Message VPN. Separate ports can be configured for each transport type that MQTT clients can use. The possible transport types are: plain-text, TLS/SSL, WebSocket, and WebSocket Secure.

To set a listen port for MQTT connections to the given Message VPN, enter the following commands:

solace(configure)# message-vpn <vpn-name>
solace(configure/message-vpn)# service mqtt
solace(configure/message-vpn/service/mqtt)# listen-port <port> [ssl] [web]

Where:

<port> is the port number from 1 to 65535. This port must not be in use for any other service. Note that if the ssl and/or web parameters are not included with the command, the port will use a plain text transport.

[ssl] specifies that the given port uses TLS/SSL encryption.

[web] specifies that the given port uses WebSockets.

[ssl] and [web] together specify that the given port uses WebSockets Secure.

The no version of this command, no listen port, removes the currently configured port number.

Note  
  • Enter the command a separate time for each transport type that you want to configure.
  • To change a port number, the MQTT connection must be shutdown (refer to Enabling/Disabling MQTT Connections).

Setting the Maximum Number of MQTT Connections

To set the maximum number of MQTT clients that can simultaneously connect to the given Message VPN, enter the following commands:

solace(configure)# message-vpn <vpn-name>
solace(configure/message-vpn)# service mqtt
solace(configure/message-vpn/service/mqtt)# max-connections <value>

Where:

<value> is the maximum number of simultaneous connections permitted

The no version of this command, no max-connections, resets the value to the maximum limit supported by the message broker.

Note:   This parameter can be set to a value that is higher than the maximum number of simultaneous connections permitted by the message broker, but the connection limit for the message broker will still be enforced.

Enabling/Disabling MQTT Connections

Within a Message VPN, the MQTT service for the given Message VPN can be enabled or disabled according to the specific transport type that is used. By default, MQTT service is not enabled for a Message VPN.

The following transports can be enabled and disabled for MQTT service:

Plain-Text

To enable MQTT connections using TCP plain-text transport for the given Message VPN, enter the following commands:

solace(configure)# message-vpn <vpn-name>
solace(configure/message-vpn)# service mqtt
solace(configure/message-vpn/service/mqtt)# no plain-text shutdown

To disable MQTT connections using TCP plain-text transport for the given Message VPN, enter the following commands:

solace(configure)# message-vpn <vpn-name>
solace(configure/message-vpn)# service mqtt
solace(configure/message-vpn/service/mqtt)# plain-text shutdown

Disabling plain-text connections will disconnect any clients currently connected to the configured plain-text listen port.

SSL

To enable MQTT connections using Transport Layer Security (TLS) / Secure Sockets Layer (SSL) transport for the given Message VPN, enter the following commands:

solace(configure)# message-vpn <vpn-name>
solace(configure/message-vpn)# service mqtt
solace(configure/message-vpn/service/mqtt)# no ssl shutdown

To disable MQTT connections using Transport Layer Security (TLS) / Secure Sockets Layer (SSL) transport for the given Message VPN, enter the following commands:

solace(configure)# message-vpn <vpn-name>
solace(configure/message-vpn)# service mqtt
solace(configure/message-vpn/service/mqtt)# ssl shutdown

Disabling TLS/SSL connections will disconnect any clients currently connected to the configured TLS/SSL listen port.

WebSocket

To enable MQTT connections using Websocket transport for the given Message VPN, enter the following commands:

solace(configure)# message-vpn <vpn-name>
solace(configure/message-vpn)# service mqtt
solace(configure/message-vpn/service/mqtt)# no websocket shutdown

To disable MQTT connections using Websocket transport for the given Message VPN, enter the following commands:

solace(configure)# message-vpn <vpn-name>
solace(configure/message-vpn)# service mqtt
solace(configure/message-vpn/service/mqtt)# websocket shutdown

Disabling Websocket connections will disconnect any clients currently connected to the configured Websocket listen port.

WebSocket Secure

To enable MQTT connections using Websocket Secure transport for the given Message VPN, enter the following commands:

solace(configure)# message-vpn <vpn-name>
solace(configure/message-vpn)# service mqtt
solace(configure/message-vpn/service/mqtt)# no websocket-secure shutdown

To disable MQTT connections using Websocket Secure transport for the given Message VPN, enter the following commands:

solace(configure)# message-vpn <vpn-name>
solace(configure/message-vpn)# service mqtt
solace(configure/message-vpn/service/mqtt)# websocket-secure shutdown

Disabling Websocket Secure connections will disconnect any clients currently connected to the configured Websocket Secure listen port.