Eclipse Mosquitto — Lightweight MQTT Broker for IoT

Introduction

Eclipse Mosquitto is an open-source MQTT message broker that implements MQTT protocol versions 5.0, 3.1.1, and 3.1. It is designed for lightweight publish/subscribe messaging on constrained devices and low-bandwidth networks, making it the standard broker for IoT, home automation, and telemetry workloads.

What Mosquitto Does

• Provides a standards-compliant MQTT broker for publish/subscribe messaging
• Handles thousands of concurrent client connections with minimal CPU and memory usage
• Supports TLS/SSL encryption, username/password, and plugin-based authentication
• Includes bridge mode for connecting multiple brokers across networks
• Ships with mosquitto_pub and mosquitto_sub CLI tools for testing and scripting

Architecture Overview

Mosquitto runs as a single-threaded event loop using epoll/kqueue for I/O multiplexing. Incoming PUBLISH messages are matched against a topic tree and forwarded to all matching subscribers. QoS levels 0, 1, and 2 are handled with in-flight message tracking and persistent session storage. The bridge module connects to remote brokers and forwards messages bidirectionally. An authentication plugin interface allows integration with external databases, LDAP, or JWT verification.

Self-Hosting & Configuration

• Install from package managers (apt, brew, yum) or run the official Docker image
• Edit mosquitto.conf to set listeners, authentication, and TLS certificates
• Create a password file with mosquitto_passwd for username/password auth
• Configure ACLs to restrict topic access per user or client ID
• Enable persistence to retain messages and subscriptions across broker restarts

Key Features

• MQTT 5.0 support with shared subscriptions, topic aliases, and flow control
• TLS/SSL with client certificate authentication
• WebSocket listener for browser-based MQTT clients
• Bridge mode for multi-site broker federation
• Dynamic security plugin for runtime user and ACL management via MQTT commands

Comparison with Similar Tools

• EMQX — Distributed cluster-capable broker for large-scale deployments; Mosquitto is lighter and simpler for single-node setups
• HiveMQ — Commercial broker with enterprise clustering; Mosquitto is fully open source and resource-efficient
• VerneMQ — Erlang-based distributed broker; Mosquitto uses C for lower memory footprint on constrained hardware
• NanoMQ — Multi-threaded MQTT broker; Mosquitto is single-threaded but well-proven and widely deployed

FAQ

Q: How many connections can Mosquitto handle? A: On modest hardware, Mosquitto handles tens of thousands of concurrent connections. For larger deployments requiring horizontal scaling, consider EMQX or HiveMQ.

Q: How do I secure Mosquitto for production? A: Enable TLS on the listener, create a password file, configure ACLs, and disable anonymous access. Use client certificates for device authentication in critical environments.

Q: Can Mosquitto bridge to a cloud MQTT service? A: Yes. Configure a bridge connection in mosquitto.conf pointing to AWS IoT Core, Azure IoT Hub, or any remote MQTT broker with optional TLS and credentials.

Q: Does Mosquitto support MQTT 5.0? A: Yes. Mosquitto 2.x fully supports MQTT 5.0 including shared subscriptions, request/response correlation, and user properties.

Sources

• https://github.com/eclipse/mosquitto
• https://mosquitto.org/documentation/