MQTT Communication

MQTT stands for Message Queuing Telemetry Transport. It is a lightweight messaging and bi-directional protocol that works well in resource constrained network scenarios, such as low network reliability or low-bandwidth, or high-latent clients. It provides a simple way to send telemetry information between devices, or from devices to cloud. The protocol uses a publish/subscribe communication paradigm, and is used for Machine-to-Machine (M2M) communication and is widely adopted in the IoT.

MQTT was originally developed by IBM to do M2M communication and is currently widely adopted in many different applications, such as messaging services and IoT applications. MQTT is very lightweight and requires only a 2 byte header and supports a payload of up to 256 MB of data. The format of the data is application specific. MQTT defines three levels of Quality of Service (QoS). QoS defines how the messages are delivered between the publisher and subscriber by the message broker. Publishers and subscribers can choose the type of QoS they would like and the broker will make sure that level of QoS is adhered. The first QoS is fire and forget, whereby the publisher sends the message to the broker and the broker sends it to the subscribers. However, there is no guarantee that the subscribers receive the messages correctly. The second QoS is at least once. In this case, the broker retries delivering the messages. They then get an acknowledgement from the subscriber that they have received the messages. The third QoS is exactly once, whereby the subscriber is guaranteed to get the message only once. MQTT is ideally suited for IoT applications due to its characteristics, such as very light overheads, flexible payloads, and various levels of QoS.

In considering MQTT for cloud connectivity, it is good to know some of the limitations as well. MQTT is primarily designed for use within an enterprise behind the firewall and mainly for communication between the devices. Hence, using it for connecting to the cloud will add security overheads, such as adding authentication headers and SSL/TLS encryption using client certificates. Even after adding these security measures, it is difficult to prevent unauthorized publishers from publishing to an MQTT topic (that is, anyone with the authentication credentials can publish messages to the topic and we need additional mechanisms to enforce authorization). Another limitation is a lack of interoperability in the message structure since it is open-ended and hence specific to a given application. It is also difficult to scale MQTT to many devices, and MQTT does not lend itself well for transfer of a large amount of data, as, for example, in a sensor data bulk ingestion.