The MQTT service enables message passing over a Data Diode. It connects to a broker on the source network and copies messages, for the configured topics, to a broker on the destination network. Messages received from the source broker will be sent with the same retain-flag to the destination broker. The service supports the protocol MQTT v3.1.1.
Configuration
The Upstream and Downstream parts of this service have most of their configuration in common. Any configuration that is specific to one part of the service is listed in that specific section. Parameters are divided into sections in the same way as they will be when configuring the service using the DD manager's graphical user interface.
General
Upstream
| Parameter | Description | Format |
|---|
| Topics | A list of topics for the service to subscribe to. | Array of strings |
| Quality of Service | The Quality of Service level for all subscriptions set up by the service. | Available options: At Most Once (0), At Least Once (1) and Exactly Once (2) |
Downstream
| Parameter | Description | Format |
|---|
| Topic prefix | A string to add onto the start of topics before publishing them to the destination broker. This parameter is optional. | String |
| Quality of Service | The Quality of Service level for all messages published by the service. | Available options: At Most Once (0), At Least Once (1) and Exactly Once (2) |
Connection
| Parameter | Description | Format |
|---|
| Address | Address of the remote host, either an IP address or a hostname. | Internet host name, see RFC 1123, section 2.1 |
| Port | TCP port that the service use to connect to the remote host. | Integer within range 1 - 65535 |
| Client ID | A unique ID for the client to connect with. | String |
| Keepalive interval | The interval between keepalive packets. If interval is 0, sending of keepalives is disabled. | Integer (seconds) |
TLS
| Parameter | Description | Format |
|---|
| TLS | A selection of TLS modes is available. If set to TLS With Defaults the service will use built-in default certificates. | Available options: Off, TLS With Defaults, TLS With CA and TLS With Client Certificate |
| CA | File containing the CA certificate in PEM format. This option is available when TLS With CA is selected, and allows you to upload your own trusted Certificate Authority that the service will use to validate the MQTT broker. | File |
| Client certificate | File containing the client certificate in PEM format. This option is available when TLS With Client Certificate is selected. | File |
| Client key | File containing the client key in PEM format. This option is available when TLS With Client Certificate is selected. | File |
Authentication
| Parameter | Description | Format |
|---|
| Authentication type | A selection for which type of authentication the service will use with the MQTT broker. | Available options: Anonymous, Password. |
| Username | Username to be used when authenticating towards the remote server. | String |
| Password | Password to be used when authenticating towards the remote server. | String |