What is MQTT Broker?
MQTT stands for Message Queuing Telemetry Transport is an open OASIS and ISO standard lightweight, a publish-subscribe network protocol that transports messages between devices. Basically, MQTT Broker is simply software running on the computer. It could be any computer, for example, Personal Computer, Raspberry Pi and Server, etc. It could be on-premise or in the cloud, self-built, or hosted by a 3rd party. Moreover, Broker software is available as either open source or proprietary with extra features added on.
The above images describe the message transmission with and without Broker. Basically, the Broker works as a post-office. the post-office receives messages from the Sender’s address and sends those messages to the Receiver’s address. In the same vein, Device-1 (Sender) also known as Publisher publishes a topic to the MQTT Broker. Subsequently, Device-2 (Receiver) also known as Subscriber subscribes to that topic from the MQTT Broker. Hence, communication takes place using the MQTT protocol.
In short,
| Example | MQTT Protocol |
| Sender | Publisher |
| Address | Topic |
| Post-office | MQTT Broker |
| Receiver | Subscriber |
For instance, a Temperature sensor as a Publisher publishes a Temperature as a Topic to the MQTT Broker. After that Client could receive the Temperature data from the sensor after subscribing to the same Topic from the MQTT Broker. So, it is also known as the Pub-Sub Communication model.
Bidirectional
MQTT Broker provides bidirectional communication. It includes.
| One to Many | Many to One |
 |  |
| A broker can connect One Publisher to Many Subscribers. | Similarly, a Broker can connect Many Publishers to One Subscriber. |
Requirements of The MQTT Broker
- Open-source and free to use.
- Support for TLS with client certificate-based authentication
- Support for authorization using a database
- Scalable horizontally and vertically (clustering, multithreaded)
- Full MQTT implementation
Security
- Transport encryption with TLS/SSL (Transport Layer Security/Secure Sockets Layer).
- Authentication using Username and Password.
- Authorization Access Control List (ACL).
Quality of Service(Qos)
The Quality of Service (QoS) level is an agreement between the sender and the receiver of a message that defines the guarantee of delivery for a specific message. There are 3 QoS levels in MQTT,
- At most once (0)
- At least once (1)
- Exactly once (2).
Client Status
Benefits
Evaluation
There are many types of MQTT Brokers with different kinds of specifications and features from which the client should identify a broker that could fulfill the requirements, easy to access and best option for their projector or business.
MQTT Brokers
- Mosquitto
- RabbitMQ
- EMQ
- VerneMQ
1. Mosquitto
Mosquitto is a really lightweight MQTT broker written in C. It is very popular and has capabilities as a broker for a scalable IoT platform. It supports TLS and there are plugins for authorization using a database, but it has some downsides. Unfortunately, Mosquitto does not support clustering, it makes scaling a bit difficult. It is using only a single thread so can’t take advantage of multi-core CPUs.
An interesting issue that at the testing time if it is above 10 client connections/sec over TLS, connection attempts started to fail due to some errors with the handling of SSL connections using OpenSSL. I’m sure with some tuning on the OS and config levels Mosquitto can do more.
Implementation: Mosquitto MQTT Broker
2. RabbitMQ
RabbitMQ is a very popular message broker written in Erlang that has support for MQTT among other protocols through a plugin. TLS support is there, clustering is fine, authorization cannot be done using a database directly but you can create an HTTP REST wrapper over your database and that can be used as an authorization backend. The problem with RabbitMQ is the MQTT support itself.
This broker supports the AMQP protocol natively, the MQTT implementation is missing some important features such as QoS2. Quality of Service level 2 ensures that a message is received exactly once. This is very important in some cases, for example when commands are sent from the IoT platform to the devices or actuators. Lost or duplicate commands can cause serious problems in these scenarios so QoS2 is a must.
3. EMQ
EMQ is another Erlang based broker which is very promising. It is easy to configure and use, scales well, but unfortunately, client certificates are not supported in the current version. These certificates provide a secure, password-less mode of authentication. This is a must, if this feature is available EMQ would be a very strong option.
4. VerneMQ
VerneMQ is a relatively new MQTT broker written in Erlang. Basically, it has all the features that include, Clustering, TLS 1.2, complete MQTT 3.1.1 implementation, and authorization with the database. It can be easily extended with Lua scripts, has relatively nice documentation, and a very helpful developer team on GitHub. In addition, It could easily handle 400 joining clients/sec sending 3000 messages/sec on a 2 core 2 GHz server with 8 gigabytes of ram. At QoS level 1 on both consumer and producer side.
As per the above description any organization can select the MQTT Broker which satisfies their criteria at max.
