Mosquitto client not connecting with LAN ip - raspberry-pi

I'm stumped on this one.
I have an OpenSprinkler3.0 controller that will report to an MQTT broker. I have one RPi4 with homeassistant and Mosquitto broker installed. I have a separate RPiZero with Raspbian and Mosquitto 1.5.7 installed. I have a domain (mqtt.example.com) that directs to my router and port 1883 forwards to 1883 on the RPiZero.
Here's the RPiZero config
pid_file /var/run/mosquitto.pid
listener 1883
protocol mqtt
persistence true
persistence_location /var/lib/mosquitto/
log_dest file /var/log/mosquitto/mosquitto.log
include_dir /etc/mosquitto/conf.d
allow_anonymous true
password_file /etc/mosquitto/passwordfile
connection homeassistant
address mqtt.example.com:8883
bridge_cafile /etc/ssl/certs/ISRG_Root_X1.pem
#topic # out 0
#topic # in 0
topic # both 0
remote_username xxxxxx
remote_password xxxxxx
If I use the WAN address (mqtt.example.com:1883) for the RPiZero, Open Sprinkler connects and sends messages to the broker, no problem.
But using the LAN IP address (192.168.1.51:1883), it doesn't work. Here's the weird thing. If I put in the LAN IP for the RPi4 broker running homeassistant (192.168.1.50:1883), it connects to that broker and works fine.
I've tried Android and Windows MQTT clients, and they connect to both brokers fine using WAN and LAN addresses. So for whatever reason, the OpenSprinkler can connect to one RPi using MQTT broker, but not another. Other clients don't have the same issue. Any ideas?
Thanks,
Seth

Turns out restarting the router solved the problem. Some other devices were acting odd causing me to reboot. Google WIFI is not my favorite product these days...
Thanks!

Related

Mosquitto on Raspberry pi stuck in local mode

I am attempting to get my MQTT server to work on my network. Currently I receive the following message:
Starting in local mode only. Connections will only be possible from clients running on this machine.
Based on information from Mosquitto, I need to update the /etc/mosquitto/mosquitto.conf file to allow for non-local access:
pid_file /run/mosquitto/mosquitto.pid
persistence true
persistence_location mosquitto/data
#/var/lib/mosquitto/
log_dest file /var/log/mosquitto/mosquitto.log
include_dir /etc/mosquitto/conf.d
listener 1883
allow_anonymous true
But running with this adapted .conf file it does not allow non-local access. What am I doing wrong?
In the man page of Mosquitto, you can see that listener specifies the port and bind address/host of the MQTT broker:
listener port [bind address/host/unix socket path]
Since version 2.0, the default config will only bind to localhost.
If you run version ^2.0, you only allow for local connections because no host is set. Therefore just change the listener line to:
listener 1883 0.0.0.0
This will allow any machine to connect; you can also specify explicit IP addresses that are allowed to connect.

Unable to connect to Kafka Server from my localhost

I have my Kafka server running on another system. I am trying to run the client from my local machine by giving the broker URL of the machine where the Kafka server is running. But unfortunately I am not able to connect to the Kafka server.
The server.properties file has the below attributes:
group.initial.rebalance.delay.ms=0
listeners=SASL_PLAINTEXT://localhost:9093
advertised.listeners=SASL_PLAINTEXT://localhost:9093
#advertised.listeners=SASL_PLAINTEXT://10.97.123.52:9093
security.inter.broker.protocol=SASL_PLAINTEXT
sasl.mechanism.inter.broker.protocol=PLAIN
sasl.enabled.mechanisms=PLAIN
While running my client from my local machine, I am passing the broker URL of the server machine, but I am unable to connect. Can anyone help with this problem?
A bit simplified, but ... the client first connects to the bootstrap server to get the metadata. Based on that metadata it will open another TCP connection to the broker which is the leader for the topic/partition the client wants to speak with.
The first connection is done based on the bootstrap server address which you set. The second connection is opened to the address from the metadata. And the metadata will in your case contain the address from the advertised.listeners field, which is localhost. So the client will try to connect to localhost:9093 and not to your broker. So you need to set advertised.listeners to use the address under which the broker is visible to the clients (which is maybe the line which is commented out in your config example?).
You also have the listeners field set to listen on localhost only, so it will not be accessible from the external IP address. You have to change it to listen on the external IP address. Most probably setting it to the following value (i.e. without localhost) should help:
listeners=SASL_PLAINTEXT://:9093
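The two connections described in the answer can be checked against a server.properties file before a client is ever started. The following is an added example, not code from the original posts: it flags a loopback bind (the bootstrap connection fails remotely), a loopback advertised address (the second connection goes back to the client's own machine), and SASL/PLAIN offered on a listener without TLS, which carries the username and password unencrypted. The function names, finding codes and the "fixed" sample are assumptions, and listener names are assumed to equal their security protocol.

```python
LOOPBACK = {"localhost", "127.0.0.1", "::1"}

def parse_endpoints(value):
    """Split 'NAME://host:port,...' into (name, host, port) tuples."""
    endpoints = []
    for item in (v.strip() for v in value.split(",")):
        if item:
            name, _, hostport = item.partition("://")
            host, _, port = hostport.rpartition(":")
            endpoints.append((name, host.strip("[]"), int(port)))
    return endpoints

def check_server_properties(text):
    """Return (code, endpoint) findings for a Kafka server.properties body."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    listeners = parse_endpoints(props.get("listeners", ""))
    # When advertised.listeners is unset the broker advertises `listeners`.
    advertised = parse_endpoints(props.get("advertised.listeners", "")) or listeners
    mechanisms = {m.strip() for m in props.get("sasl.enabled.mechanisms", "").split(",")}
    findings = []
    for name, host, port in listeners:
        if host in LOOPBACK:       # first connection (bootstrap) fails remotely
            findings.append(("bind-loopback", f"{name}://{host}:{port}"))
    for name, host, port in advertised:
        if host in LOOPBACK:       # second connection goes to the client's own host
            findings.append(("advertise-loopback", f"{name}://{host}:{port}"))
        # Assumption: listener name equals its security protocol (the default map).
        if name == "SASL_PLAINTEXT" and "PLAIN" in mechanisms:
            findings.append(("cleartext-credentials", f"{name}://{host}:{port}"))
    return findings

# Constructed samples: the settings quoted in the question, then an assumed fix.
AS_POSTED = """listeners=SASL_PLAINTEXT://localhost:9093
advertised.listeners=SASL_PLAINTEXT://localhost:9093
#advertised.listeners=SASL_PLAINTEXT://10.97.123.52:9093
sasl.enabled.mechanisms=PLAIN
"""
FIXED = "listeners=SASL_PLAINTEXT://:9093\nadvertised.listeners=SASL_PLAINTEXT://10.97.123.52:9093\nsasl.enabled.mechanisms=PLAIN\n"

if __name__ == "__main__":
    for label, conf in (("as posted", AS_POSTED), ("fixed", FIXED)):
        print(label, check_server_properties(conf))
```

The reachability findings disappear with the corrected listener lines, but the cleartext-credentials finding remains until the listener uses a TLS-protected protocol such as SASL_SSL.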

Securing Mosquitto Connections - MQTT

I set up a broker on a windows pc which is publishing messages to raspberry pis (clients). On the same windows machine I'm running a node.js Server which is also a mosquitto client which can publish messages to the broker running on the same windows machine.
I looked up (by simple googling and reading the official documentation) how I can secure the mosquitto connections. But I still ran into some issues:
How can I only allow a mosquitto broker to communicate with clients running on the same machine? (e.g. for simply publishing sensor values to a local frontend via websockets - which I'm already doing)
Do local (on the same machine) clients require the username and password if specified?
Why won't this configuration require a username and a password when the client is connecting to the broker?
My mosquitto.conf:
allow_anonymous false
password_file C:\Program Files (x86)\mosquitto
Password file is at the specified location and valid.
mosquitto -c mosquitto.conf is not throwing any error.
Can I still use the username and password when including encryption mosquitto-tls?
Listeners can be bound to a specific interface e.g. 127.0.0.1 which will only allow connections from the localhost.
listener 1885 127.0.0.1
If you want to restrict the whole broker to only listen for local connections, use the bind_address config option to change the default listener to only listen on 127.0.0.1 rather than 0.0.0.0 (this address represents ALL network interfaces on the machine).
If password based authentication is configured it applies to ALL listeners, so if you set up a localhost only listener you will still need to supply a username and password.
You can use TLS and username and password based authentication unless you use client side certificates and enable the use_identity_as_username and require_certificate options.
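The listener binding and allow_anonymous settings discussed in this answer, and in the "local mode" question above, can be checked together before a broker is put on a network. The following is an added example, not code from the original posts: it reads a mosquitto.conf body and reports, per listener, whether it is loopback only or network-reachable and whether clients that send no credentials are accepted, including the case where a password_file is configured but allow_anonymous true still lets such clients in. The function names and verdict strings are assumptions; settings are treated as global, and a listener line without an address is assumed to bind all interfaces.

```python
import ipaddress

def is_loopback(bind):
    """True when a listener bind address accepts local connections only."""
    if bind is None:                 # assumption: no address means all interfaces
        return False
    if bind == "localhost":
        return True
    try:
        return ipaddress.ip_address(bind).is_loopback
    except ValueError:               # any other hostname: treat as reachable
        return False

def audit(conf_text):
    """Return one finding dict per listener line in a mosquitto.conf body."""
    listeners, anonymous, password_file = [], None, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        # Only a leading '#' is a comment; in 'topic # both 0' it is a wildcard.
        if not line or line.startswith("#"):
            continue
        key, *args = line.split()
        if key == "listener" and args:
            listeners.append((int(args[0]), args[1] if len(args) > 1 else None))
        elif key == "allow_anonymous" and args:
            anonymous = args[0].lower() == "true"
        elif key == "password_file" and args:
            password_file = " ".join(args)
    findings = []
    for port, bind in listeners:
        if is_loopback(bind):
            verdict = "loopback only"
        elif anonymous:
            verdict = "network-reachable, accepts clients without credentials"
        elif anonymous is None:
            verdict = "network-reachable, allow_anonymous not set in this file"
        else:
            verdict = "network-reachable, credentials required"
        findings.append({"port": port, "bind": bind or "all interfaces", "verdict": verdict,
                         "password_file_bypassed": bool(anonymous and password_file)})
    return findings

# Constructed samples, reduced from the configurations quoted on this page.
PI_ZERO = "listener 1883\nallow_anonymous true\npassword_file /etc/mosquitto/passwordfile\ntopic # both 0\n"
LOCAL_ONLY = "listener 1885 127.0.0.1\nallow_anonymous false\npassword_file /etc/mosquitto/passwordfile\n"

if __name__ == "__main__":
    for conf in (PI_ZERO, LOCAL_ONLY):
        print(audit(conf))
```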

How to associate/ connect the client to zookeeper server?

I have learned the basic ZooKeeper concepts and did a sample project, but I only ran it on a local PC, on one computer.
I understand ZooKeeper but am still confused about how the client connects to the ZooKeeper server if they are not on one computer. For instance, if we start a ZooKeeper server on my own computer, we can use connect(), like connect 2181, to connect to the ZooKeeper server; that makes sense, since they are all on one computer and have some association in a lower layer. But what if the ZooKeeper server and client are separated onto two computers? How can we handle that?
I'm not sure what language you're using for the client, so this will have to be a generic answer.
The client and server communicate over TCP. This requires that the client simply know the server's host and port. In general, your ZooKeeper servers bind to some private network interface. For instance, your zoo.conf configuration file might contain a line like the following:
clientPort=2181
server.1=123.456.789.1:2888:3888
The first portion of the server.1 section, 123.456.789.1, is the host to which the ZooKeeper server will bind. As long as this host is not the loopback interface (i.e. localhost or 127.0.0.1) you should be able to connect to that host from another machine on the client port 2181. So, for instance, in Java I create a new ZkClient that points to that host and port:
ZkClient client = new ZkClient("123.456.789.1:2181");

multiple sockets sharing a port in node.js (via socket.io)

I am not sure how to use a single port at server side simultaneously for multiple sockets. How can we do it in node.js. I am currently using socket.io and have one socket per port. In case solutions do not exist but is possible then also please give your suggestion to achieve the same. Also what issues can be there if we share a port? What could be other related options considering the situation that clients can be idle but will consume a port on server as we need to maintain a socket connection for each client?
Assuming your server is running on port 80, here is what happens underneath:
Server listens on port 80.
Client1 connects to server port 80 from its port 12345.
Server accepts client1's connection request and assigns port 9876 to communicate with client1.
Server continues listening on port 80.
So despite what you think, port 80 is not consumed; it is a listener. Your computer probably has 50000 ports free, so there is no problem.
FYI: Ports cannot be shared among other processes. Only Node's child processes can be shared, have a look at how it can be: http://nodejs.org/docs/latest/api/cluster.html