Select Page

RUT240 MQTT

Summary #

MQTT (MQ Telemetry Transport or Message Queue Telemetry Transport) is an ISO standard (ISO/IEC PRF 20922) publish-subscribe-based “lightweight” messaging protocol for use on top of the TCP/IP protocol. It is designed to send short messages from one client (publisher) to another (subscriber) through brokers, which are responsible for message delivery to the end point. RUT routers support this functionality via an open source Mosquitto broker. The messages are sent this way: a client (subscriber) subscribes to a topic(s); a publisher posts a message to that specific topic(s). The broker then checks who is subscribed to that particular topic(s) and transmits data from the publisher to the subscriber. This chapter is a summary of the MQTT function in RUT routers.

For in-depth MQTT configuration examples, refer to this page: Monitoring via MQTT


The information in this page is updated in accordance with the RUT2XX_R_00.01.12 firmware version.

MQTT Broker #

The Broker will “listen” for connections on the specified Local port. In order to accept connections from WAN, you also need to check Enable Remote Access.

Networking rut manual mqtt broker.png
Field NameValueDescription
Enableyes | no; Default: noToggles MQTT Broker ON or OFF
Local Portinteger [0..65535]; Default: “1883Specifies the local port that the MQTT broker will listen to
Enable Remote Accessyes | no; Default: noIf enabled, MQTT Broker will be reachable by remote user (from WAN)

Security #

The MQTT Security tab is used to establish MQTT connection security via TLS/SSL.

Networking rut manual mqtt security.png
Field NameValueDescription
Use TLS/SSLyes | no; Default: noToggles the use of TLS/SSL certificates ON or OFF
CA File.ca file; Default: ” “Certificate authority is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate
CERT File.crt file; Default: ” “Certificate file is a type of digital certificate that is used by client systems to make authenticated requests to a remote server. Client certificates play a key role in many mutual authentication designs, providing strong assurances of a requester’s identity
Key File.key file; Default: ” “Authenticates the client to the server and establishes precisely who they are.
TLS versiontlsv1.1 | tlsv1.2 | Support all; Default: Support allAuthenticates a client to a server and establishes precisely who they are

Bridge #

The MQTT Broker also supports a functionality called Bridge. An MQTT Bridge is used for the communication between two MQTT Brokers. The window of Bridge parameters is presented below. Some of these are mandatory as they are needed to create a connection: Connection Name, Remote Address and Remote Port. For more information on MQTT Bridge parameters you can read the official mosquitto.org manual page.

Networking rut manual mqtt bridge.png
Field NameValueDescription
Enableyes | no; Default: noToggles MQTT Bridge ON or OFF
Connection Namestring; Default: ” “Name of the Bridge connection. Although this is used for easier management purposes, this field is mandatory
Remote Addressip; Default: ” “Remote Broker’s address
Remote Portinteger [0..65535]; Default: 1883Specifies which port the remote broker uses to listen for connections
Use Remote TLS/SSLyes | no; Default: noEnables the use of TSL/SSL certificates of the remote broker. If this is checked, you will be prompted to upload TLS/SSL certificates. More information can be found in the Security section of this chapter
Use Remote Bridge Loginyes | no; Default: noEnables the use of Remote login data. If this is checked, you will be prompted to enter a remote client ID, username and password
Try Privateyes | no; Default: noCheck if the remote Broker is another instance of a daemon
Clean Sessionyes | no; Default: noCheck to discard session state after connecting or disconnecting
Topicstring; Default: ” “Specifies the names of the Topics that your Broker will subscribe to
DirectionOUT | IN | BOTH; Default: OUTThe direction that the messages will be shared in
QoS levelDefault: 0The publish/subscribe QoS level used for this topic

Micellaneous #

The last section of MQTT Broker parameters is called Miscellaneous. It contains parameters that are related to neither Security nor Bridge.

Services mqtt broker settings misc.PNG
Field NameValueDescription
ACL File.ACL file; Default: ” “The contents of this file are used to control client access to topics of the broker
Password Filepassword file; Default: ” “The Password file stores user names and corresponding passwords, used for authentication
Persistenceyes | no; Default: noIf enabled, connection, subscription and message data will be written to the disk. Otherwise, the data is stored in the router’s memory only
Allow Anonymousyes | no; Default: yesIf enabled, the Broker allows anonymous access

MQTT Publisher #

An MQTT Publisher is a client that sends messages to the Broker, who then forwards these messages to the Subscriber.

Services mqtt publisher.PNG
Field NameValueDescription
Enableyes | no; Default: noToggles the MQTT Publisher ON or OFF
Hostnamehost | ip; Default: ” “Broker’s IP address or hostname
Portinteger [0..65535]; Default: 1883Specifies the port used for connecting to the Broker
Usernamestring; Default: ” “User name used for authentication when connecting to the Broker
Passwordstring; Default: ” “Password used for authentication when connecting to the Broker
TLSyes | no; Default: noToggles TLS encryption ON or OFF
Allow insecure connectionyes | no; Default: noAllow connection without server authenticity verification
CA file.ca file; Default: ” “Certificate authority is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate
Certificate file.crt file; Default: ” “Certificate file is a type of digital certificate that is used by client systems to make authenticated requests to a remote server. Client certificates play a key role in many mutual authentication designs, providing strong assurances of a requester’s identity
Key file.key file; Default: ” “Authenticates the client to the server and establishes precisely who they are.

Submit a Comment

Your email address will not be published. Required fields are marked *