This specification is provided under theNon-AssertionMode of theOASISIPR Policy, the mode chosen when the Technical Committee was established. Forinformation on whether any patents have been disclosed that may be essential toimplementing this specification, and any offers of patent licensing terms,please refer to the Intellectual Property Rights section of the TC’s web page (https://www.oasis-open.org/committees/mqtt/ipr.php).
The specification is split into seven chapters:
· Chapter 1 - Introduction
· Chapter2 - MQTT Control Packet format
· Chapter3 - MQTT Control Packets
· Chapter4 - Operational behavior
· Chapter 5 - Security
· Chapter 6 - Using WebSocket as anetwork transport
· Chapter 7 - Conformance Targets
1.2Terminology
The keywords "MUST", "MUST NOT", "REQUIRED","SHALL", "SHALL NOT", "SHOULD", "SHOULDNOT", "RECOMMENDED", "MAY", and "OPTIONAL"in this specification are to be interpreted as described in IETF RFC 2119[RFC2119], except where they appear in text that is markedas non-normative.
NetworkConnection:
A construct provided by the underlyingtransport protocol that is being used by MQTT.
· Itconnects the Client to the Server.
· Itprovides the means to send an ordered, lossless, stream of bytes in bothdirections.
Refer tosection 4.2 NetworkConnection for non-normative examples.
ApplicationMessage:
The data carried by the MQTT protocol across the network forthe application. When an Application Message is transported by MQTT it containspayload data, a Quality of Service (QoS), a collection of Properties, and aTopic Name.
Client:
A program or device that uses MQTT. A Client:
· opens the Network Connection to the Server
· publishes Application Messages that other Clients might beinterested in.
· subscribes to request Application Messages that it is interestedin receiving.
· unsubscribes to remove a request for Application Messages.
· closes the Network Connection to the Server.
Server:
A program or device that acts as an intermediary betweenClients which publish Application Messages and Clients which have madeSubscriptions. A Server:
· accepts Network Connections from Clients.
· accepts Application Messages published by Clients.
· processes Subscribe and Unsubscribe requests from Clients.
· forwards Application Messages that match Client Subscriptions.
· closes the Network Connection from the Client.
Session:
A stateful interaction between a Client and a Server. SomeSessions last only as long as the Network Connection, others can span multipleconsecutive Network Connections between a Client and a Server.
Subscription:
A Subscription comprises a Topic Filter and a maximum QoS. ASubscription is associated with a single Session. A Session can contain morethan one Subscription. Each Subscription within a Session has a different TopicFilter.
Shared Subscription:
A Shared Subscription comprises a Topic Filter and a maximumQoS. A Shared Subscription can be associated with more than one Session toallow a wider range of message exchange patterns. An Application Message thatmatches a Shared Subscription is only sent to the Client associated with one ofthese Sessions. A Session can subscribe to more than one Shared Subscriptionand can contain both Shared Subscriptions and Subscriptions which are notshared.
Wildcard Subscription:
A Wildcard Subscription is a Subscription with a TopicFilter containing one or more wildcard characters. This allows the subscriptionto match more than one Topic Name. Refer tosection4.7 for a description of wildcard characters in a Topic Filter.
Topic Name:
The label attached to an Application Message which ismatched against the Subscriptions known to the Server.
Topic Filter:
An expression contained in a Subscription to indicate aninterest in one or more topics. A Topic Filter can include wildcard characters.
MQTT Control Packet:
A packet of information that is sent across the NetworkConnection. The MQTT specification defines fifteen different types of MQTT ControlPacket, for example the PUBLISH packet is used to convey Application Messages.
Malformed Packet:
A control packet that cannot be parsed according to thisspecification. Refer tosection 4.13 forinformation about error handling.
Protocol Error:
An error that is detected after the packet has been parsedand found to contain data that is not allowed by the protocol or isinconsistent with the state of the Client or Server. Refer tosection 4.13 for information about error handling.
Will Message:
An Application Message which is published by the Serverafter the Network Connection is closed in cases where the Network Connection isnot closed normally. Refer tosection 3.1.2.5 forinformation about Will Messages.
Disallowed Unicode code point:
The set of Unicode Control Codes and Unicode Noncharacterswhich should not be included in a UTF-8 Encoded String. Refer tosection 1.5.4 formore information about the Disallowed Unicode code points.
[RFC2119]
Bradner, S., "Key words for use in RFCs to IndicateRequirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997,
http://www.rfc-editor.org/info/rfc2119
[RFC3629]
Yergeau, F., "UTF-8, a transformation format of ISO10646", STD 63, RFC 3629, DOI 10.17487/RFC3629, November 2003,
http://www.rfc-editor.org/info/rfc3629
[RFC6455]
Fette, I. and A. Melnikov, "The WebSocketProtocol", RFC 6455, DOI 10.17487/RFC6455, December 2011,
http://www.rfc-editor.org/info/rfc6455
[Unicode]
The Unicode Consortium. The Unicode Standard,
http://www.unicode.org/versions/latest/
[RFC0793]
Postel, J., "Transmission Control Protocol", STD7, RFC 793, DOI 10.17487/RFC0793, September 1981,http://www.rfc-editor.org/info/rfc793
[RFC5246]
Dierks, T. and E. Rescorla, "The Transport LayerSecurity (TLS) Protocol Version 1.2", RFC 5246, DOI 10.17487/RFC5246,August 2008,
http://www.rfc-editor.org/info/rfc5246
[AES]
Advanced Encryption Standard (AES) (FIPS PUB 197).
https://csrc.nist.gov/csrc/media/publications/fips/197/final/documents/fips-197.pdf
[CHACHA20]
ChaCha20 and Poly1305 for IETF Protocols
https://tools.ietf.org/html/rfc7539
[FIPS1402]
Security Requirements for Cryptographic Modules (FIPS PUB140-2)
https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf
[IEEE 802.1AR]
IEEE Standard for Local and metropolitan area networks -Secure Device Identity
http://standards.ieee.org/findstds/standard/802.1AR-2009.html
[ISO29192]
ISO/IEC 29192-1:2012 Information technology -- Securitytechniques -- Lightweight cryptography -- Part 1: General
https://www.iso.org/standard/56425.html
[MQTT NIST]
MQTT supplemental publication, MQTT and the NIST Frameworkfor Improving Critical Infrastructure Cybersecurity
http://docs.oasis-open.org/mqtt/mqtt-nist-cybersecurity/v1.0/mqtt-nist-cybersecurity-v1.0.html
[MQTTV311]
MQTT V3.1.1 Protocol Specification
http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/os/mqtt-v3.1.1-os.html
[ISO20922]
MQTT V3.1.1ISO Standard (ISO/IEC 20922:2016)
https://www.iso.org/standard/69466.html
[NISTCSF]
Improving Critical Infrastructure Cybersecurity ExecutiveOrder 13636
https://www.nist.gov/sites/default/files/documents/itl/preliminary-cybersecurity-framework.pdf
[NIST7628]
NISTIR 7628 Guidelines for Smart Grid Cyber Security Catalogue
https://www.nist.gov/sites/default/files/documents/smartgrid/nistir-7628_total.pdf
[NSAB]
NSA Suite B Cryptography
http://www.nsa.gov/ia/programs/suiteb_cryptography/
[PCIDSS]
PCI-DSS Payment Card Industry Data Security Standard
https://www.pcisecuritystandards.org/pci_security/
[RFC1928]
Leech, M., Ganis, M., Lee, Y., Kuris, R., Koblas, D., and L.Jones, "SOCKS Protocol Version 5", RFC 1928, DOI 10.17487/RFC1928,March 1996,
http://www.rfc-editor.org/info/rfc1928
[RFC4511]
Sermersheim, J., Ed., "Lightweight Directory AccessProtocol (LDAP): The Protocol", RFC 4511, DOI 10.17487/RFC4511, June 2006,
http://www.rfc-editor.org/info/rfc4511
[RFC5280]
Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley,R., and W. Polk, "Internet X.509 Public Key Infrastructure Certificate andCertificate Revocation List (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280,May 2008,
http://www.rfc-editor.org/info/rfc5280
[RFC6066]
Eastlake 3rd, D., "Transport Layer Security (TLS)Extensions: Extension Definitions", RFC 6066, DOI 10.17487/RFC6066,January 2011,
http://www.rfc-editor.org/info/rfc6066
[RFC6749]
Hardt, D., Ed., "The OAuth 2.0 AuthorizationFramework", RFC 6749, DOI 10.17487/RFC6749, October 2012,
http://www.rfc-editor.org/info/rfc6749
[RFC6960]
Santesson, S., Myers, M., Ankney, R., Malpani, A., Galperin,S., and C. Adams, "X.509 Internet Public Key Infrastructure OnlineCertificate Status Protocol - OCSP", RFC 6960, DOI 10.17487/RFC6960, June2013,
http://www.rfc-editor.org/info/rfc6960
[SARBANES]
Sarbanes-Oxley Act of 2002.
http://www.gpo.gov/fdsys/pkg/PLAW-107publ204/html/PLAW-107publ204.htm
[USEUPRIVSH]
U.S.-EU Privacy Shield Framework
https://www.privacyshield.gov
[RFC3986]
Berners-Lee, T., Fielding, R., and L. Masinter,"Uniform Resource Identifier (URI): Generic Syntax", STD 66, RFC3986, DOI 10.17487/RFC3986, January 2005,
http://www.rfc-editor.org/info/rfc3986
[RFC1035]
Mockapetris, P., "Domain names - implementation andspecification", STD 13, RFC 1035, DOI 10.17487/RFC1035, November 1987,
http://www.rfc-editor.org/info/rfc1035
[RFC2782]
Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RRfor specifying the location of services (DNS SRV)", RFC 2782, DOI10.17487/RFC2782, February 2000,
http://www.rfc-editor.org/info/rfc2782
Bits in a byte are labelled 7 to 0. Bit number 7 is the mostsignificant bit, the least significant bit is assigned bit number 0.
Two Byte Integer data values are 16-bit unsigned integers inbig-endian order: the high order byte precedes the lower order byte. This meansthat a 16-bit word is presented on the network as Most Significant Byte (MSB),followed by Least Significant Byte (LSB).
Four Byte Integer data values are 32-bit unsigned integersin big-endian order: the high order byte precedes the successively lower orderbytes. This means that a 32-bit word is presented on the network as MostSignificant Byte (MSB), followed by the next most Significant Byte (MSB),followed by the next most Significant Byte (MSB), followed by Least SignificantByte (LSB).
1.5.4 UTF-8 Encoded String
Text fields within the MQTT Control Packets described laterare encoded as UTF-8 strings. UTF-8[RFC3629] is anefficient encoding of Unicode[Unicode] characters thatoptimizes the encoding of ASCII characters in support of text-basedcommunications.
Each of these strings is prefixed with a Two Byte Integerlength field that gives the number of bytes in a UTF-8 encoded string itself,as illustrated inFigure 1.1 Structure of UTF-8 EncodedStrings below. Consequently, the maximum size of a UTF-8 Encoded String is65,535 bytes.
Unless stated otherwise all UTF-8encoded strings can have any length in the range 0 to 65,535 bytes.
Figure1‑1 Structure of UTF-8 Encoded Strings
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | String length MSB |
byte 2 | String length LSB |
byte 3 …. | UTF-8 encoded character data, if length > 0. |
The character data in aUTF-8 Encoded String MUST be well-formed UTF-8 as defined by the Unicodespecification[Unicode] and restated in RFC 3629[RFC3629].In particular, the character data MUST NOT include encodings of code pointsbetween U+D800 and U+DFFF[MQTT-1.5.4-1].If the Client or Serverreceives an MQTT Control Packet containing ill-formed UTF-8 it is a MalformedPacket. Refer tosection 4.13 for information about handling errors.
A UTF-8 Encoded String MUSTNOT include an encoding of the null character U+0000.[MQTT-1.5.4-2]. If a receiver (Server or Client)receives an MQTT Control Packet containing U+0000 it is a Malformed Packet.Refer to section 4.13 for information abouthandling errors.
The data SHOULD NOT include encodings of the Unicode[Unicode] code points listed below. If a receiver (Server or Client) receives anMQTT Control Packet containing any of them it MAY treat it as a Malformed Packet.These are the Disallowed Unicode code points.Refertosection5.4.9 for more informationabout handling Disallowed Unicode code points.
· U+0001..U+001F control characters
· U+007F..U+009F control characters
· Code points defined in the Unicode specification[Unicode] to be non-characters (for example U+0FFFF)
A UTF-8 encoded sequence0xEF 0xBB 0xBF is always interpreted as U+FEFF ("ZERO WIDTH NO-BREAK SPACE")wherever it appears in a string and MUST NOT be skipped over or stripped off bya packet receiver[MQTT-1.5.4-3].
Non-normative example
For example,the string A𪛔which isLATINCAPITAL Letter A followed by the code point U+2A6D4 (which represents a CJKIDEOGRAPH EXTENSION B character) is encoded as follows:
Figure1‑2 UTF-8 Encoded String non-normative example
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | String Length MSB (0x00) |
| 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 2 | String Length LSB (0x05) |
| 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 |
byte 3 | ‘A’ (0x41) |
| 0 | 1 | 0 | 0 | 0 | 0 | 0 | 1 |
byte 4 | (0xF0) |
| 1 | 1 | 1 | 1 | 0 | 0 | 0 | 0 |
byte 5 | (0xAA) |
| 1 | 0 | 1 | 0 | 1 | 0 | 1 | 0 |
byte 6 | (0x9B) |
| 1 | 0 | 0 | 1 | 1 | 0 | 1 | 1 |
byte 7 | (0x94) |
| 1 | 0 | 0 | 1 | 0 | 1 | 0 | 0 |
The Variable Byte Integer is encoded using an encodingscheme which uses a single byte for values up to 127. Larger values are handledas follows. The least significant seven bits of each byte encode the data, andthe most significant bit is used to indicate whether there are bytes followingin the representation. Thus, each byte encodes 128 values and a"continuation bit". The maximum number of bytes in the Variable ByteInteger field is four.The encoded value MUSTuse the minimum number of bytes necessary to represent the value[MQTT-1.5.5-1].This isshown inTable 1‑1 Size of Variable Byte Integer.
Table1‑1Size of Variable Byte Integer
Digits | From | To |
1 | 0 (0x00) | 127 (0x7F) |
2 | 128 (0x80, 0x01) | 16,383 (0xFF, 0x7F) |
3 | 16,384 (0x80, 0x80, 0x01) | 2,097,151 (0xFF, 0xFF, 0x7F) |
4 | 2,097,152 (0x80, 0x80, 0x80, 0x01) | 268,435,455 (0xFF, 0xFF, 0xFF, 0x7F) |
Non-normativecomment
The algorithmfor encoding a non-negative integer (X) into the Variable Byte Integer encodingscheme is as follows:
do
encodedByte= X MOD 128
X= X DIV 128
//if there are more data to encode, set the top bit of this byte
if(X > 0)
encodedByte= encodedByte OR 128
endif
'output'encodedByte
while(X > 0)
WhereMOD is the modulo operator (% in C),DIV is integer division (/in C), andOR is bit-wise or (| in C).
Non-normativecomment
The algorithmfor decoding a Variable Byte Integer type is as follows:
multiplier= 1
value= 0
do
encodedByte= 'next byte from stream'
value+= (encodedByte AND 127) * multiplier
if(multiplier > 128*128*128)
throwError(Malformed Variable Byte Integer)
multiplier*= 128
while((encodedByte AND 128) != 0)
whereAND is the bit-wise andoperator (& in C).
When this algorithm terminates,value contains the VariableByte Integer value.
Binary Data is represented by a Two Byte Integer lengthwhich indicates the number of data bytes, followed by that number of bytes. Thus,the length of Binary Data is limited to the range of 0 to 65,535 Bytes.
A UTF-8 String Pair consists of two UTF-8 Encoded Strings.This data type is used to hold name-value pairs. The first string serves as thename, and the second string contains the value.
Both strings MUST complywith the requirements for UTF-8 Encoded Strings[MQTT-1.5.7-1].If a receiver (Client or Server) receives a string pair which does not meetthese requirements it is a Malformed Packet. Refer tosection4.13 for information about handling errors.
MQTT Client and Serverimplementations SHOULD offer Authentication, Authorization and securecommunication options, such as those discussed in Chapter5. Applicationsconcerned with critical infrastructure, personally identifiable information, orother personal or sensitive information are strongly advised to use thesesecurity capabilities.
Text highlighted inYellowwithin this specification identifies conformance statements. Each conformancestatement has been assigned a reference in the format[MQTT-x.x.x-y]wherex.x.xis thesection number andy is a statement counter within the section.
MQTT v3.1.1 was the first OASIS standard version of MQTT[MQTTV311].
MQTT v3.1.1 is also standardized as ISO/IEC 20922:2016[ISO20922].
MQTT v5.0 adds a significant number of new features to MQTTwhile keeping much of the core in place. The major functional objectives are:
· Enhancements for scalability and large scale systems
· Improved error reporting
· Formalize common patterns including capability discovery andrequest response
· Extensibility mechanisms including user properties
· Performance improvements and support for small clients
Refer toAppendix C for a summaryof changes in MQTT v5.0.
2 MQTTControl Packet format
The MQTT protocol operates by exchanging a series of MQTTControl Packets in a defined way. This section describes the format of thesepackets.
An MQTT Control Packet consists of up to three parts, alwaysin the following order as shown below.
Figure 2‑1Structure of an MQTT Control Packet
Fixed Header, present in all MQTT Control Packets |
Variable Header, present in some MQTT Control Packets |
Payload, present in some MQTT Control Packets |
Each MQTT Control Packet contains a Fixed Header as shownbelow.
Figure2‑2 Fixed Header format
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control Packet type | Flags specific to each MQTT Control Packet type |
byte 2… | Remaining Length |
Position: byte 1, bits 7-4.
Represented as a 4-bit unsigned value, the values are shownbelow.
Table 2‑1 MQTT Control Packet types
Name | Value | Direction of flow | Description |
Reserved | 0 | Forbidden | Reserved |
CONNECT | 1 | Client to Server | Connection request |
CONNACK | 2 | Server to Client | Connect acknowledgment |
PUBLISH | 3 | Client to Server or Server to Client | Publish message |
PUBACK | 4 | Client to Server or Server to Client | Publish acknowledgment (QoS 1) |
PUBREC | 5 | Client to Server or Server to Client | Publish received (QoS 2 delivery part 1) |
PUBREL | 6 | Client to Server or Server to Client | Publish release (QoS 2 delivery part 2) |
PUBCOMP | 7 | Client to Server or Server to Client | Publish complete (QoS 2 delivery part 3) |
SUBSCRIBE | 8 | Client to Server | Subscribe request |
SUBACK | 9 | Server to Client | Subscribe acknowledgment |
UNSUBSCRIBE | 10 | Client to Server | Unsubscribe request |
UNSUBACK | 11 | Server to Client | Unsubscribe acknowledgment |
PINGREQ | 12 | Client to Server | PING request |
PINGRESP | 13 | Server to Client | PING response |
DISCONNECT | 14 | Client to Server or Server to Client | Disconnect notification |
AUTH | 15 | Client to Server or Server to Client | Authentication exchange |
The remaining bits [3-0] of byte 1 in the Fixed Headercontain flags specific to each MQTT Control Packet type as shown below.Where a flag bit ismarked as “Reserved”, it is reserved for future use and MUST be set to thevalue listed[MQTT-2.1.3-1]. If invalidflags are received it is a Malformed Packet.Refer tosection 4.13 for details about handling errors.
Table2‑2 Flag Bits
MQTT Control Packet | Fixed Header flags | Bit 3 | Bit 2 | Bit 1 | Bit 0 |
CONNECT | Reserved | 0 | 0 | 0 | 0 |
CONNACK | Reserved | 0 | 0 | 0 | 0 |
PUBLISH | Used in MQTT v5.0 | DUP | QoS | RETAIN |
PUBACK | Reserved | 0 | 0 | 0 | 0 |
PUBREC | Reserved | 0 | 0 | 0 | 0 |
PUBREL | Reserved | 0 | 0 | 1 | 0 |
PUBCOMP | Reserved | 0 | 0 | 0 | 0 |
SUBSCRIBE | Reserved | 0 | 0 | 1 | 0 |
SUBACK | Reserved | 0 | 0 | 0 | 0 |
UNSUBSCRIBE | Reserved | 0 | 0 | 1 | 0 |
UNSUBACK | Reserved | 0 | 0 | 0 | 0 |
PINGREQ | Reserved | 0 | 0 | 0 | 0 |
PINGRESP | Reserved | 0 | 0 | 0 | 0 |
DISCONNECT | Reserved | 0 | 0 | 0 | 0 |
AUTH | Reserved | 0 | 0 | 0 | 0 |
DUP = Duplicate delivery of a PUBLISH packet
QoS = PUBLISH Quality of Service
RETAIN = PUBLISH retained message flag
Refer tosection 3.3.1for a description of the DUP, QoS, and RETAIN flags in the PUBLISH packet.
2.1.4 Remaining Length
Position: starts at byte2.
The Remaining Length is a Variable Byte Integer thatrepresents the number of bytes remaining within the current Control Packet,including data in the Variable Header and the Payload. The Remaining Lengthdoes not include the bytes used to encode the Remaining Length.The packet size is the total number of bytes in an MQTT ControlPacket, this is equal to the length of the Fixed Header plus the RemainingLength.
Some types of MQTT Control Packet contain a Variable Headercomponent. It resides between the Fixed Header and the Payload. The content ofthe Variable Header varies depending on the packet type. The Packet Identifierfield of Variable Header is common in several packet types.
2.2.1 PacketIdentifier
The Variable Header component ofmany of the MQTT Control Packet types includes a Two Byte Integer PacketIdentifier field. These MQTT Control Packets are PUBLISH (where QoS > 0),PUBACK, PUBREC, PUBREL, PUBCOMP, SUBSCRIBE, SUBACK, UNSUBSCRIBE, UNSUBACK.
MQTT Control Packets that require a Packet Identifier are shownbelow:
Table 2‑3 MQTT Control Packets that contain a PacketIdentifier
MQTT Control Packet | Packet Identifier field |
CONNECT | NO |
CONNACK | NO |
PUBLISH | YES (If QoS > 0) |
PUBACK | YES |
PUBREC | YES |
PUBREL | YES |
PUBCOMP | YES |
SUBSCRIBE | YES |
SUBACK | YES |
UNSUBSCRIBE | YES |
UNSUBACK | YES |
PINGREQ | NO |
PINGRESP | NO |
DISCONNECT | NO |
AUTH | NO |
A PUBLISH packet MUST NOTcontain a Packet Identifier if its QoS value is set to 0[MQTT-2.2.1-2].
Each time a Client sends anew SUBSCRIBE, UNSUBSCRIBE,or PUBLISH (where QoS > 0) MQTT Control Packet itMUST assign it a non-zero Packet Identifier that is currently unused[MQTT-2.2.1-3].
Each time a Server sends anew PUBLISH (with QoS > 0) MQTT Control Packet it MUST assign it a non zeroPacket Identifier that is currently unused[MQTT-2.2.1-4].
The Packet Identifier becomes available for reuse after the senderhas processed the corresponding acknowledgement packet, defined as follows. Inthe case of a QoS 1 PUBLISH, this is the corresponding PUBACK; in the case ofQoS 2 PUBLISH it is PUBCOMP or a PUBREC with a Reason Code of 128 or greater.For SUBSCRIBE or UNSUBSCRIBE it is the corresponding SUBACK or UNSUBACK.
Packet Identifiers used with PUBLISH, SUBSCRIBE andUNSUBSCRIBE packets form a single, unified set of identifiers separately forthe Client and the Server in a Session. A Packet Identifier cannot be used bymore than one command at any time.
A PUBACK, PUBREC , PUBREL,or PUBCOMP packet MUST contain the same Packet Identifier as the PUBLISH packetthat was originally sent[MQTT-2.2.1-5].A SUBACK and UNSUBACK MUST contain the PacketIdentifier that was used in the corresponding SUBSCRIBE and UNSUBSCRIBE packet respectively[MQTT-2.2.1-6].
The Client and Server assign Packet Identifiersindependently of each other. As a result, Client-Server pairs can participatein concurrent message exchanges using the same Packet Identifiers.
Non-normativecomment
It is possible for a Client to senda PUBLISH packet with Packet Identifier 0x1234 and then receive a differentPUBLISH packet with Packet Identifier 0x1234 from its Server before it receivesa PUBACK for the PUBLISH packet that it sent.
Client Server
PUBLISH Packet Identifier=0x1234‒→
←‒PUBLISH PacketIdentifier=0x1234
PUBACK PacketIdentifier=0x1234‒→
←‒PUBACKPacket Identifier=0x1234
2.2.2 Properties
The last field in the Variable Header of the CONNECT, CONNACK,PUBLISH, PUBACK, PUBREC, PUBREL, PUBCOMP, SUBSCRIBE, SUBACK, UNSUBSCRIBE,UNSUBACK, DISCONNECT, and AUTH packet is a set of Properties. In the CONNECTpacket there is also an optional set of Properties in the Will Properties fieldwith the Payload.
The set of Properties is composed of a Property Length followedby the Properties.
The Property Length is encoded as a Variable Byte Integer.The Property Length does not include the bytes used to encode itself, butincludes the length of the Properties.If thereare no properties, this MUST be indicated by including a Property Length ofzero[MQTT-2.2.2-1].
A Property consists of an Identifier which defines its usageand data type, followed by a value. The Identifier is encoded as a VariableByte Integer. A Control Packet which contains an Identifier which is not validfor its packet type, or contains a value not of the specified data type, is aMalformed Packet. If received, use a CONNACK or DISCONNECT packet with ReasonCode 0x81 (Malformed Packet) as described insection4.13 Handling errors. There is no significance in the order of Propertieswith different Identifiers.
Table 2‑4- Properties
Identifier | Name (usage) | Type | Packet / Will Properties |
Dec | Hex |
1 | 0x01 | Payload Format Indicator | Byte | PUBLISH, Will Properties |
2 | 0x02 | Message Expiry Interval | Four Byte Integer | PUBLISH, Will Properties |
3 | 0x03 | Content Type | UTF-8 Encoded String | PUBLISH, Will Properties |
8 | 0x08 | Response Topic | UTF-8 Encoded String | PUBLISH, Will Properties |
9 | 0x09 | Correlation Data | Binary Data | PUBLISH, Will Properties |
11 | 0x0B | Subscription Identifier | Variable Byte Integer | PUBLISH, SUBSCRIBE |
17 | 0x11 | Session Expiry Interval | Four Byte Integer | CONNECT, CONNACK, DISCONNECT |
18 | 0x12 | Assigned Client Identifier | UTF-8 Encoded String | CONNACK |
19 | 0x13 | Server Keep Alive | Two Byte Integer | CONNACK |
21 | 0x15 | Authentication Method | UTF-8 Encoded String | CONNECT, CONNACK, AUTH |
22 | 0x16 | Authentication Data | Binary Data | CONNECT, CONNACK, AUTH |
23 | 0x17 | Request Problem Information | Byte | CONNECT |
24 | 0x18 | Will Delay Interval | Four Byte Integer | Will Properties |
25 | 0x19 | Request Response Information | Byte | CONNECT |
26 | 0x1A | Response Information | UTF-8 Encoded String | CONNACK |
28 | 0x1C | Server Reference | UTF-8 Encoded String | CONNACK, DISCONNECT |
31 | 0x1F | Reason String | UTF-8 Encoded String | CONNACK, PUBACK, PUBREC, PUBREL, PUBCOMP, SUBACK, UNSUBACK, DISCONNECT, AUTH |
33 | 0x21 | Receive Maximum | Two Byte Integer | CONNECT, CONNACK |
34 | 0x22 | Topic Alias Maximum | Two Byte Integer | CONNECT, CONNACK |
35 | 0x23 | Topic Alias | Two Byte Integer | PUBLISH |
36 | 0x24 | Maximum QoS | Byte | CONNACK |
37 | 0x25 | Retain Available | Byte | CONNACK |
38 | 0x26 | User Property | UTF-8 String Pair | CONNECT, CONNACK, PUBLISH, Will Properties, PUBACK, PUBREC, PUBREL, PUBCOMP, SUBSCRIBE, SUBACK, UNSUBSCRIBE, UNSUBACK, DISCONNECT, AUTH |
39 | 0x27 | Maximum Packet Size | Four Byte Integer | CONNECT, CONNACK |
40 | 0x28 | Wildcard Subscription Available | Byte | CONNACK |
41 | 0x29 | Subscription Identifier Available | Byte | CONNACK |
42 | 0x2A | Shared Subscription Available | Byte | CONNACK |
Non-normative comment
Although the Property Identifier isdefined as a Variable Byte Integer, in this version of the specification all ofthe Property Identifiers are one byte long.
Some MQTT Control Packets contain a Payload as the finalpart of the packet. In the PUBLISH packet this is the Application Message
Table2‑5 - MQTT Control Packets that contain a Payload
MQTT Control Packet | Payload |
CONNECT | Required |
CONNACK | None |
PUBLISH | Optional |
PUBACK | None |
PUBREC | None |
PUBREL | None |
PUBCOMP | None |
SUBSCRIBE | Required |
SUBACK | Required |
UNSUBSCRIBE | Required |
UNSUBACK | Required |
PINGREQ | None |
PINGRESP | None |
DISCONNECT | None |
AUTH | None |
A Reason Code is a one byte unsigned value that indicatesthe result of an operation. Reason Codes less than 0x80 indicate successfulcompletion of an operation. The normal Reason Code for success is 0. ReasonCode values of 0x80 or greater indicate failure.
The CONNACK, PUBACK, PUBREC, PUBREL, PUBCOMP, DISCONNECT andAUTH Control Packets have a single Reason Code as part of the Variable Header.The SUBACK and UNSUBACK packets contain a list of one or more Reason Codes inthe Payload.
The Reason Codes share a common set of values as shownbelow.
Table2‑6 - Reason Codes
Reason Code | Name | Packets |
Decimal | Hex |
0 | 0x00 | Success | CONNACK, PUBACK, PUBREC, PUBREL, PUBCOMP, UNSUBACK, AUTH |
0 | 0x00 | Normal disconnection | DISCONNECT |
0 | 0x00 | Granted QoS 0 | SUBACK |
1 | 0x01 | Granted QoS 1 | SUBACK |
2 | 0x02 | Granted QoS 2 | SUBACK |
4 | 0x04 | Disconnect with Will Message | DISCONNECT |
16 | 0x10 | No matching subscribers | PUBACK, PUBREC |
17 | 0x11 | No subscription existed | UNSUBACK |
24 | 0x18 | Continue authentication | AUTH |
25 | 0x19 | Re-authenticate | AUTH |
128 | 0x80 | Unspecified error | CONNACK, PUBACK, PUBREC, SUBACK, UNSUBACK, DISCONNECT |
129 | 0x81 | Malformed Packet | CONNACK, DISCONNECT |
130 | 0x82 | Protocol Error | CONNACK, DISCONNECT |
131 | 0x83 | Implementation specific error | CONNACK, PUBACK, PUBREC, SUBACK, UNSUBACK, DISCONNECT |
132 | 0x84 | Unsupported Protocol Version | CONNACK |
133 | 0x85 | Client Identifier not valid | CONNACK |
134 | 0x86 | Bad User Name or Password | CONNACK |
135 | 0x87 | Not authorized | CONNACK, PUBACK, PUBREC, SUBACK, UNSUBACK, DISCONNECT |
136 | 0x88 | Server unavailable | CONNACK |
137 | 0x89 | Server busy | CONNACK, DISCONNECT |
138 | 0x8A | Banned | CONNACK |
139 | 0x8B | Server shutting down | DISCONNECT |
140 | 0x8C | Bad authentication method | CONNACK, DISCONNECT |
141 | 0x8D | Keep Alive timeout | DISCONNECT |
142 | 0x8E | Session taken over | DISCONNECT |
143 | 0x8F | Topic Filter invalid | SUBACK, UNSUBACK, DISCONNECT |
144 | 0x90 | Topic Name invalid | CONNACK, PUBACK, PUBREC, DISCONNECT |
145 | 0x91 | Packet Identifier in use | PUBACK, PUBREC, SUBACK, UNSUBACK |
146 | 0x92 | Packet Identifier not found | PUBREL, PUBCOMP |
147 | 0x93 | Receive Maximum exceeded | DISCONNECT |
148 | 0x94 | Topic Alias invalid | DISCONNECT |
149 | 0x95 | Packet too large | CONNACK, DISCONNECT |
150 | 0x96 | Message rate too high | DISCONNECT |
151 | 0x97 | Quota exceeded | CONNACK, PUBACK, PUBREC, SUBACK, DISCONNECT |
152 | 0x98 | Administrative action | DISCONNECT |
153 | 0x99 | Payload format invalid | CONNACK, PUBACK, PUBREC, DISCONNECT |
154 | 0x9A | Retain not supported | CONNACK, DISCONNECT |
155 | 0x9B | QoS not supported | CONNACK, DISCONNECT |
156 | 0x9C | Use another server | CONNACK, DISCONNECT |
157 | 0x9D | Server moved | CONNACK, DISCONNECT |
158 | 0x9E | Shared Subscriptions not supported | SUBACK, DISCONNECT |
159 | 0x9F | Connection rate exceeded | CONNACK, DISCONNECT |
160 | 0xA0 | Maximum connect time | DISCONNECT |
161 | 0xA1 | Subscription Identifiers not supported | SUBACK, DISCONNECT |
162 | 0xA2 | Wildcard Subscriptions not supported | SUBACK, DISCONNECT |
Non-normative comment
For Reason Code 0x91 (Packetidentifier in use), the response to this is either to try to fix the state, orto reset the Session state by connecting using Clean Start set to 1, or todecide if the Client or Server implementations are defective.
3.1 CONNECT – Connection Request
After a Network Connectionis established by a Client to a Server, the first packet sent from the Client tothe Server MUST be a CONNECT packet[MQTT-3.1.0-1].
A Client can only send the CONNECT packet once over aNetwork Connection.The Server MUST process asecond CONNECT packet sent from a Client as a Protocol Error and close theNetwork Connection[MQTT-3.1.0-2]. Refer tosection 4.13 for information about handling errors.
The Payload contains one or moreencoded fields. They specify a unique Client identifier for the Client, a Will Topic,Will Payload, User Name and Password. All but the Client identifier can beomitted and their presence is determined based on flags in the Variable Header.
3.1.1 CONNECT Fixed Header
Figure 3‑1- CONNECT packet Fixed Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control Packet type (1) | Reserved |
| 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 |
byte 2… | Remaining Length |
Remaining Length field
This is the length of the Variable Header plus the length ofthe Payload. It is encoded as a Variable Byte Integer.
The Variable Header for the CONNECT Packet contains the followingfields in this order: Protocol Name, Protocol Level, Connect Flags, Keep Alive,and Properties. The rules for encoding Properties are described insection 2.2.2.
Figure 3‑2- Protocol Name bytes
| Description | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
Protocol Name |
byte 1 | Length MSB (0) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 2 | Length LSB (4) | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 |
byte 3 | ‘M’ | 0 | 1 | 0 | 0 | 1 | 1 | 0 | 1 |
byte 4 | ‘Q’ | 0 | 1 | 0 | 1 | 0 | 0 | 0 | 1 |
byte 5 | ‘T’ | 0 | 1 | 0 | 1 | 0 | 1 | 0 | 0 |
byte 6 | ‘T’ | 0 | 1 | 0 | 1 | 0 | 1 | 0 | 0 |
The Protocol Name is a UTF-8Encoded String that represents the protocol name “MQTT”, capitalized as shown.The string, its offset and length will not be changed by future versions of theMQTT specification.
A Server which support multiple protocols uses the ProtocolName to determine whether the data is MQTT.Theprotocol name MUST be the UTF-8 String "MQTT". If the Server does notwant to accept the CONNECT, and wishes to reveal that it is an MQTT Server itMAY send a CONNACK packet with Reason Code of 0x84 (Unsupported ProtocolVersion), and then it MUST close the Network Connection [MQTT-3.1.2-1].
Non-normativecomment
Packetinspectors, such as firewalls, could use the Protocol Name to identify MQTTtraffic.
Figure 3‑3- Protocol Version byte
| Description | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
Protocol Level |
byte 7 | Version(5) | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 |
The one byte unsigned value that represents the revisionlevel of the protocol used by the Client. The value of the Protocol Versionfield for version 5.0 of the protocol is 5 (0x05).
A Server which supports multiple versions of the MQTTprotocol uses the Protocol Version to determine which version of MQTT theClient is using.If the Protocol Version is not5 and the Server does not want to accept the CONNECT packet, the Server MAYsend a CONNACK packet with ReasonCode0x84 (Unsupported Protocol Version) and then MUST close the Network Connection[MQTT-3.1.2-2].
The Connect Flags byte contains several parametersspecifying the behavior of the MQTT connection. It also indicates the presenceor absence of fields in the Payload.
Figure 3‑4- Connect Flag bits
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
| User Name Flag | Password Flag | Will Retain | Will QoS | Will Flag | Clean Start | Reserved |
byte 8 | X | X | X | X | X | X | X | 0 |
The Server MUST validatethat the reserved flag in the CONNECT packet is set to 0[MQTT-3.1.2-3]. If the reserved flag is not 0 it is aMalformed Packet. Refer tosection 4.13 forinformation about handling errors.
3.1.2.4Clean Start
Position: bit 1 of theConnect Flags byte.
Ifa CONNECT packet is received with Clean Start is set to 1, the Client andServer MUST discard any existing Session and start a new Session[MQTT-3.1.2-4]. Consequently, the Session Present flagin CONNACK is always set to 0 if Clean Start is set to 1.
Ifa CONNECT packet is received with Clean Start set to 0 and there is a Sessionassociated with the Client Identifier, the Server MUST resume communicationswith the Client based on state from the existing Session[MQTT-3.1.2-5].If aCONNECT packet is received with Clean Start set to 0 and there is no Sessionassociated with the Client Identifier, the Server MUST create a new Session[MQTT-3.1.2-6].
3.1.2.5Will Flag
Position: bit 2 of the Connect Flags.
If the Will Flag is set to 1this indicates that a Will Message MUST be stored on the Server and associatedwith the Session[MQTT-3.1.2-7]. The WillMessage consists of the Will Properties, Will Topic, and Will Payload fields inthe CONNECT Payload.The Will Message MUST bepublished after the Network Connection is subsequently closed and either theWill Delay Interval has elapsed or the Session ends, unless the Will Messagehas been deleted by the Server on receipt of a DISCONNECT packet with ReasonCode 0x00 (Normal disconnection) or a new Network Connection for the ClientIDis opened before the Will Delay Interval has elapsed[MQTT-3.1.2-8].
Situations in which the Will Message is published include,but are not limited to:
- An I/O error or network failure detected by the Server.
- The Client fails to communicate within the Keep Alive time.
- The Client closes the Network Connection without first sending a DISCONNECT packet with a Reason Code 0x00 (Normal disconnection).
- The Server closes the Network Connection without first receiving a DISCONNECT packet with a Reason Code 0x00 (Normal disconnection).
If the Will Flag is set to1, the Will Properties, Will Topic, and Will Payload fields MUST be present inthe Payload[MQTT-3.1.2-9].The Will Message MUST be removed from the storedSession State in the Server once it has been published or the Server hasreceived a DISCONNECT packet with a Reason Code of 0x00 (Normal disconnection)from the Client[MQTT-3.1.2-10].
The Server SHOULD publish Will Messages promptly after theNetwork Connection is closed and the Will Delay Interval has passed, or whenthe Session ends, whichever occurs first. In the case of a Server shutdown orfailure, the Server MAY defer publication of Will Messages until a subsequentrestart. If this happens, there might be a delay between the time the Serverexperienced failure and when the Will Message is published.
Refer tosection 3.1.3.2for information about the Will Delay Interval.
Non-normative comment
The Client can arrange for the WillMessage to notify that Session Expiry has occurred by setting the Will DelayInterval to be longer than the Session Expiry Interval and sending DISCONNECTwith Reason Code 0x04 (Disconnect with Will Message).
Position: bits 4 and 3 of the Connect Flags.
These two bits specify the QoS level to be used whenpublishing the Will Message.
If the Will Flag is set to 0,then the Will QoS MUST be set to 0(0x00)[MQTT-3.1.2-11].
If the Will Flag is set to1, the value of Will QoS can be 0 (0x00), 1 (0x01), or 2 (0x02)[MQTT-3.1.2-12].Avalue of 3 (0x03) is a Malformed Packet.Refer tosection 4.13 for information about handling errors.
Position: bit 5 of the Connect Flags.
This bit specifies if the Will Message is to be retainedwhen it is published.
If the Will Flag is set to0, then Will Retain MUST be set to 0 [MQTT-3.1.2-13].If the Will Flag isset to 1 and Will Retain is set to 0, the Server MUST publish the Will Messageas a non-retained message[MQTT-3.1.2-14].If the Will Flag isset to 1 and Will Retain is set to 1, the Server MUST publish the Will Messageas a retained message[MQTT-3.1.2-15].
Position: bit 7 of the Connect Flags.
If the User Name Flag is setto 0, a User Name MUST NOT be present in the Payload[MQTT-3.1.2-16].Ifthe User Name Flag is set to 1, a User Name MUST be present in the Payload[MQTT-3.1.2-17].
Position: bit 6 of the Connect Flags.
If the Password Flag is setto 0, a Password MUST NOT be present in the Payload[MQTT-3.1.2-18].Ifthe Password Flag is set to 1, a Password MUST be present in the Payload[MQTT-3.1.2-19].
Non-normative comment
This version of the protocol allowsthe sending of a Password with no User Name, where MQTT v3.1.1 did not. Thisreflects the common use of Password for credentials other than a password.
3.1.2.10Keep Alive
Figure 3‑5- Keep Alive bytes
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 9 | Keep Alive MSB |
byte 10 | Keep Alive LSB |
The Keep Alive is a Two Byte Integer which is a timeinterval measured in seconds. It is the maximum time interval that is permittedto elapse between the point at which the Client finishes transmitting one MQTT ControlPacket and the point it starts sending the next. It is the responsibility ofthe Client to ensure that the interval between MQTT Control Packets being sentdoes not exceed the Keep Alive value.If KeepAlive is non-zero and in the absence of sending any other MQTT Control Packets,the Client MUST send a PINGREQ packet[MQTT-3.1.2-20].
If the Server returns aServer Keep Alive on the CONNACK packet, the Client MUST use that value insteadof the value it sent as the Keep Alive[MQTT-3.1.2-21].
The Client can send PINGREQ at any time, irrespective of theKeep Alive value, and check for a corresponding PINGRESP to determine that thenetwork and the Server are available.
If the Keep Alive value isnon-zero and the Server does not receive an MQTT Control Packet from the Clientwithin one and a half times the Keep Alive time period, it MUST close theNetwork Connection to the Client as if the network had failed[MQTT-3.1.2-22].
If a Client does not receive a PINGRESP packet within areasonable amount of time after it has sent a PINGREQ, it SHOULD close theNetwork Connection to the Server.
A Keep Alive value of 0 has the effect of turning off the KeepAlive mechanism. If Keep Alive is 0 the Client is not obliged to send MQTTControl Packets on any particular schedule.
Non-normative comment
The Server may have other reasonsto disconnect the Client, for instance because it is shutting down. SettingKeep Alive does not guarantee that the Client will remain connected.
Non-normativecomment
The actual value of the Keep Aliveis application specific; typically, this is a few minutes. The maximum value of65,535 is 18 hours 12 minutes and 15 seconds.
The length of the Properties in the CONNECT packet VariableHeader encoded as a Variable Byte Integer.
17 (0x11) Byte, Identifier of the SessionExpiry Interval.
Followed by the Four Byte Integer representing the Session ExpiryInterval in seconds. It is a Protocol Error to include the Session Expiry Intervalmore than once.
If the Session Expiry Interval is absent the value 0 isused. If it is set to 0, or is absent, the Session ends when the Network Connectionis closed.
If the Session Expiry Interval is 0xFFFFFFFF (UINT_MAX), theSession does not expire.
The Client and Server MUSTstore the Session State after the Network Connection is closed if the SessionExpiry Interval is greater than 0[MQTT-3.1.2-23].
Non-normative comment
The clock in the Client or Servermay not be running for part of the time interval, for instance because theClient or Server are not running. This might cause the deletion of the state tobe delayed.
Refertosection 4.1 for more information about Sessions.Refer tosection 4.1.1 for details andlimitations of stored state.
When the Session expires the Clientand Server need not process the deletion of state atomically.
Non-normativecomment
Setting Clean Start to 1 and aSession Expiry Interval of 0, is equivalent to setting CleanSession to 1 in theMQTT Specification Version 3.1.1. Setting Clean Start to 0 and no SessionExpiry Interval, is equivalent to setting CleanSession to 0 in the MQTTSpecification Version 3.1.1.
Non-normativecomment
A Client that only wants to processmessages while connected will set the Clean Start to 1 and set the SessionExpiry Interval to 0. It will not receive Application Messages published beforeit connected and has to subscribe afresh to any topics that it is interested ineach time it connects.
Non-normativecomment
A Client might be connecting to a Serverusing a network that provides intermittent connectivity. This Client can use ashort Session Expiry Interval so that it can reconnect when the network isavailable again and continue reliable message delivery. If the Client does notreconnect, allowing the Session to expire, then Application Messages will belost.
Non-normative comment
When a Client connects with a longSession Expiry Interval, it is requesting that the Server maintain its MQTTsession state after it disconnects for an extended period. Clients should onlyconnect with a long Session Expiry Interval if they intend to reconnect to theServer at some later point in time. When a Client has determined that it has nofurther use for the Session it should disconnect with a Session Expiry Intervalset to 0.
Non-normative comment
The Client should always use the SessionPresent flag in the CONNACK to determine whether the Server has a Session Statefor this Client.
Non-normativecomment
The Client can avoid implementingits own Session expiry and instead rely on the Session Present flag returnedfrom the Server to determine if the Session had expired. If the Client doesimplement its own Session expiry, it needs to store the time at which the SessionState will be deleted as part of its Session State.
3.1.2.11.3Receive Maximum
33 (0x21) Byte, Identifier of the Receive Maximum.
Followed by the Two Byte Integer representing the ReceiveMaximum value. It is a Protocol Error to include the Receive Maximum value morethan once or for it to have the value 0.
The Client uses this value to limit the number of QoS 1 andQoS 2 publications that it is willing to process concurrently. There is no mechanismto limit the QoS 0 publications that the Server might try to send.
The value of Receive Maximum applies only to the currentNetwork Connection.If the Receive Maximum value isabsent then its value defaults to 65,535.
Refer tosection4.9 Flow Control for details of how the Receive Maximum is used.
39 (0x27) Byte, Identifier of the Maximum Packet Size.
Followed by a Four Byte Integerrepresenting the Maximum Packet Size the Client is willing to accept. If theMaximum Packet Size is not present, no limit on the packet size is imposedbeyond the limitations in the protocol as a result of the remaining lengthencoding and the protocol header sizes.
It is a Protocol Error to include the Maximum Packet Sizemore than once, or for the value to be set to zero.
Non-normative comment
It is theresponsibility of the application to select a suitable Maximum Packet Sizevalue if it chooses to restrict the Maximum Packet Size.
The packet size is the total number ofbytes in an MQTT Control Packet, as defined insection 2.1.4. The Client uses the Maximum Packet Size to inform the Server thatit will not process packets exceeding this limit.
The Server MUSTNOT send packets exceeding Maximum Packet Size to the Client[MQTT-3.1.2-24]. If a Clientreceives a packet whose size exceeds this limit, this is a Protocol Error, theClient uses DISCONNECT with Reason Code 0x95 (Packet too large), as describedinsection 4.13.
Where a Packet istoo large to send, the Server MUST discard it without sending it and thenbehave as if it had completed sending that Application Message[MQTT-3.1.2-25].
In the case of a Shared Subscription where themessage is too large to send to one or more of the Clients but other Clients canreceive it, the Server can choose either discard the message without sendingthe message to any of the Clients, or to send the message to one of the Clientsthat can receive it.
Non-normativecomment
Where a packet is discarded withoutbeing sent, the Server could place the discarded packet on a ‘dead letterqueue’ or perform other diagnostic action. Such actions are outside the scopeof this specification.
34 (0x22) Byte, Identifier of the Topic Alias Maximum.
Followed by the Two Byte Integer representing the TopicAlias Maximum value. It is a Protocol Error to include the Topic Alias Maximumvalue more than once. If the Topic Alias Maximum property is absent, thedefault value is 0.
This value indicates the highest value that the Client willaccept as a Topic Alias sent by the Server. The Client uses this value to limitthe number of Topic Aliases that it is willing to hold on this Connection.The Server MUST NOT send a Topic Alias in a PUBLISHpacket to the Client greater than Topic Alias Maximum[MQTT-3.1.2-26]. A value of 0 indicates that theClient does not accept any Topic Aliases on this connection.If Topic Alias Maximum is absent or zero, the ServerMUST NOT send any Topic Aliases to the Client[MQTT-3.1.2-27].
3.1.2.11.6 Request Response Information
25 (0x19) Byte, Identifier of the Request ResponseInformation.
Followed by a Byte with a value of either 0 or 1. It isProtocol Error to include the Request Response Information more than once, orto have a value other than 0 or 1. If the Request Response Information isabsent, the value of 0 is used.
The Client uses this value to request the Server to returnResponse Information in the CONNACK.A value of0 indicates that the Server MUST NOT return Response Information[MQTT-3.1.2-28]. If the value is 1 the Server MAYreturn Response Information in the CONNACK packet.
Non-normativecomment
The Server can choose not toinclude Response Information in the CONNACK, even if the Client requested it.
Refer tosection 4.10 for more information about Request/ Response.
23 (0x17) Byte, Identifier of the Request ProblemInformation.
Followed by a Byte with a value of either 0 or 1. It is aProtocol Error to include Request Problem Information more than once, or tohave a value other than 0 or 1. If the Request Problem Information is absent, thevalue of 1 is used.
The Client uses this value to indicate whether the ReasonString or User Properties are sent in the case of failures.
If the value of RequestProblem Information is 0, the Server MAY return a Reason String or UserProperties on a CONNACK or DISCONNECT packet, but MUST NOT send a Reason Stringor User Properties on any packetother than PUBLISH,CONNACK, or DISCONNECT[MQTT-3.1.2-29].If the value is 0 and the Client receives a Reason String or User Properties ina packet other than PUBLISH, CONNACK, or DISCONNECT, it uses a DISCONNECT packetwith Reason Code 0x82 (Protocol Error) as described insection4.13 Handling errors.
If this value is 1, the Server MAY return a Reason String orUser Properties on any packet where it is allowed.
3.1.2.11.8 User Property
38 (0x26) Byte, Identifier of the User Property.
Followed by a UTF-8 String Pair.
The User Property is allowed toappear multiple times to represent multiple name, value pairs. The same name isallowed to appear more than once.
Non-normativecomment
User Properties on the CONNECTpacket can be used to send connection related properties from the Client to theServer. The meaning of these properties is not defined by this specification.
21 (0x15) Byte, Identifier of the AuthenticationMethod.
Followed by a UTF-8 Encoded String containing the name ofthe authentication method used for extended authentication .It is a ProtocolError to include Authentication Method more than once.
If Authentication Method is absent, extended authenticationis not performed. Refer tosection 4.12.
If a Client sets an AuthenticationMethod in the CONNECT, the Client MUST NOT send any packets other than AUTH orDISCONNECT packets until it has received a CONNACK packet[MQTT-3.1.2-30].
22 (0x16) Byte, Identifier of the AuthenticationData.
Followed by Binary Data containing authentication data. Itis a Protocol Error to include Authentication Data if there is noAuthentication Method. It is a Protocol Error to include Authentication Datamore than once.
The contents of this data are defined by the authenticationmethod. Refer tosection 4.12 for moreinformation about extended authentication.
Figure 3‑6- Variable Header example
| Description | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
Protocol Name |
byte 1 | Length MSB (0) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 2 | Length LSB (4) | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 |
byte 3 | ‘M’ | 0 | 1 | 0 | 0 | 1 | 1 | 0 | 1 |
byte 4 | ‘Q’ | 0 | 1 | 0 | 1 | 0 | 0 | 0 | 1 |
byte 5 | ‘T’ | 0 | 1 | 0 | 1 | 0 | 1 | 0 | 0 |
byte 6 | ‘T’ | 0 | 1 | 0 | 1 | 0 | 1 | 0 | 0 |
Protocol Version |
| Description | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 7 | Version (5) | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 |
Connect Flags |
byte 8 | User Name Flag (1) Password Flag (1) Will Retain (0) Will QoS (01) Will Flag (1) Clean Start(1) Reserved (0) | 1 | 1 | 0 | 0 | 1 | 1 | 1 | 0 |
Keep Alive |
byte 9 | Keep Alive MSB (0) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 10 | Keep Alive LSB (10) | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 |
Properties |
byte 11 | Length (5) | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 |
byte 12 | Session Expiry Interval identifier (17) | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 1 |
byte 13 | Session Expiry Interval (10) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 14 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 15 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 16 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 |
The Payload of the CONNECTpacket contains one or more length-prefixed fields, whose presence isdetermined by the flags in the Variable Header. These fields, if present, MUSTappear in the order Client Identifier, Will Properties, Will Topic, Will Payload,User Name, Password[MQTT-3.1.3-1].
The Client Identifier (ClientID)identifies the Client to the Server. Each Client connecting to the Server has aunique ClientID.The ClientID MUST be used byClients and by Servers to identify state that they hold relating to this MQTTSession between the Client and the Server[MQTT-3.1.3-2]. Refer tosection 4.1 for more information about Session State.
TheClientID MUST be present and is the first field in the CONNECT packet Payload[MQTT-3.1.3-3].
The ClientID MUST be a UTF-8Encoded String as defined insection1.5.4[MQTT-3.1.3-4].
The Server MUST allow ClientID’swhich are between 1 and 23 UTF-8 encoded bytes in length, and that contain onlythe characters
"0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"[MQTT-3.1.3-5].
The Server MAY allow ClientID’s that contain more than 23 encodedbytes. The Server MAY allow ClientID’s that contain characters not included inthe list given above.
A Server MAY allow a Clientto supply a ClientID that has a length of zero bytes, however if it does so theServer MUST treat this as a special case and assign a unique ClientID to thatClient[MQTT-3.1.3-6].It MUST then process the CONNECT packet as if theClient had provided that unique ClientID, and MUSTreturn the Assigned Client Identifier in the CONNACK packet[MQTT-3.1.3-7].
If the Server rejects theClientID it MAY respond to the CONNECT packet with a CONNACK using Reason Code0x85 (Client Identifier not valid) as described insection 4.13 Handling errors, and then it MUST close the NetworkConnection[MQTT-3.1.3-8].
Non-normativecomment
A Client implementation couldprovide a convenience method to generate a random ClientID. Clients using thismethod should take care to avoid creating long-lived orphaned Sessions.
If the Will Flag is set to 1, the Will Properties is thenext field in the Payload. The Will Properties field defines the ApplicationMessage properties to be sent with the Will Message when it is published, andproperties which define when to publish the Will Message. The Will Propertiesconsists of a Property Length and the Properties.
The length of the Properties in the Will Properties encodedas a Variable Byte Integer.
3.1.3.2.2 WillDelay Interval
24 (0x18) Byte, Identifier of the Will DelayInterval.
Followed by the Four Byte Integer representing the WillDelay Interval in seconds. It is a Protocol Error to include the Will Delay Intervalmore than once. If the Will Delay Interval is absent, the default value is 0and there is no delay before the Will Message is published.
The Server delays publishing the Client’s Will Message untilthe Will Delay Interval has passed or the Session ends, whichever happensfirst.If a new Network Connection to thisSession is made before the Will Delay Interval has passed, the Server MUST NOTsend the Will Message[MQTT-3.1.3-9].
Non-normative comment
One use of this is to avoidpublishing Will Messages if there is a temporary network disconnection and theClient succeeds in reconnecting and continuing its Session before the WillMessage is published.
Non-normative comment
If a Network Connection uses aClient Identifier of an existing Network Connection to the Server, the WillMessage for the exiting connection is sent unless the new connection specifiesClean Start of 0 and the Will Delay is greater than zero. If the Will Delay is 0the Will Message is sent at the close of the existing Network Connection, andif Clean Start is 1 the Will Message is sent because the Session ends.
1 (0x01) Byte, Identifier of the Payload FormatIndicator.
Followed by the value of the Payload Format Indicator,either of:
· 0 (0x00) Byte Indicates that the Will Message is unspecifiedbytes, which is equivalent to not sending a Payload Format Indicator.
· 1 (0x01) Byte Indicates that the Will Message is UTF-8 EncodedCharacter Data. The UTF-8 data in the PayloadMUST be well-formed UTF-8 as defined by theUnicode specification[Unicode]and restated in RFC 3629[RFC3629].
It is a Protocol Error to include the Payload Format Indicatormore than once. The Server MAY validate that the Will Message is of the formatindicated, and if it is not send a CONNACK with the Reason Code of 0x99 (Payloadformat invalid) as described in section 4.13.
2 (0x02) Byte, Identifier of the Message Expiry Interval.
Followed by the Four Byte Integer representing the MessageExpiry Interval. It is a Protocol Error to include the Message Expiry Intervalmore than once.
If present, the Four Byte value is the lifetime of the WillMessage in seconds and is sent as the Publication Expiry Interval when theServer publishes the Will Message.
If absent, no Message Expiry Interval is sent when theServer publishes the Will Message.
3 (0x03) Identifier ofthe Content Type.
Followed by a UTF-8 Encoded Stringdescribing the content of the Will Message.It is a Protocol Error to include the Content Type more thanonce.The value of the Content Type is defined by the sending and receivingapplication.
8 (0x08)Byte, Identifier of theResponse Topic.
Followed by aUTF-8 Encoded String which is used as the Topic Name for a response message. Itis a Protocol Error to include the Response Topic more than once. The presenceof a Response Topic identifies the Will Message as a Request.
Refer tosection 4.10 for more information about Request / Response.
9 (0x09) Byte, Identifier of the Correlation Data.
Followed by Binary Data. The Correlation Data is used by thesender of the Request Message to identify which request the Response Message isfor when it is received. It is a Protocol Error to include Correlation Datamore than once. If the Correlation Data is not present, the Requester does notrequire any correlation data.
The value of the Correlation Data only has meaning to thesender of the Request Message and receiver of the Response Message.
Refer tosection 4.10 formore information about Request / Response
38 (0x26) Byte, Identifier of the User Property.
Followed by a UTF-8 String Pair. The User Property isallowed to appear multiple times to represent multiple name, value pairs. Thesame name is allowed to appear more than once.
The Server MUST maintain theorder of User Properties when publishing the Will Message[MQTT-3.1.3-10].
Non-normative comment
This property is intended toprovide a means of transferring application layer name-value tags whose meaningand interpretation are known only by the application programs responsible forsending and receiving them.
If the Will Flag is set to 1, the Will Topic is the nextfield in the Payload. The Will Topic MUST be aUTF-8 Encoded String as defined insection1.5.4[MQTT-3.1.3-11].
If the Will Flag is set to 1 the Will Payload is the nextfield in the Payload. The Will Payload defines the Application Message Payloadthat is to be published to the Will Topic as described insection 3.1.2.5. This field consists of Binary Data.
If the User Name Flag is setto 1, the User Name is the next field in the Payload. The User Name MUST be aUTF-8 Encoded String as defined insection1.5.4[MQTT-3.1.3-12].It can be used by the Server for authentication andauthorization.
If the Password Flag is set to 1, the Password is the nextfield in the Payload. The Password field is Binary Data. Although this field iscalled Password, it can be used to carry any credential information.
3.1.4 CONNECT Actions
Note that a Server MAY support multiple protocols (includingother versions of the MQTT protocol) on the same TCP port or other networkendpoint. If the Server determines that the protocol is MQTT v5.0 then itvalidates the connection attempt as follows.
1. If theServer does not receive a CONNECT packet within a reasonable amount of timeafter the Network Connection is established, the Server SHOULD close the NetworkConnection.
2. The Server MUST validate that the CONNECT packet matchesthe format described insection 3.1and close the Network Connection if it does not match[MQTT-3.1.4-1]. TheServer MAY send a CONNACK with a Reason Code of 0x80 or greater as described insection 4.13 before closing the Network Connection.
- The Server MAY check that the contents of the CONNECT packet meet any further restrictions and SHOULD perform authentication and authorization checks. If any of these checks fail, it MUST close the Network Connection[MQTT-3.1.4-2]. Before closing the Network Connection, it MAY send an appropriate CONNACK response with a Reason Code of 0x80 or greater as described insection 3.2 andsection 4.13.
If validation is successful, theServer performs the following steps.
1. If the ClientID represents a Client already connectedto the Server, the Server sends a DISCONNECT packet to the existing Client withReason Code of 0x8E (Session taken over) as described insection 4.13 and MUST close the Network Connection of theexisting Client[MQTT-3.1.4-3]. If theexisting Client has a Will Message, that Will Message is published as describedin section 3.1.2.5.
Non-normative comment
If the Will Delay Interval of theexisting Network Connection is 0 and there is a Will Message, it will be sentbecause the Network Connection is closed. If the Session Expiry Interval of theexisting Network Connection is 0, or the new Network Connection has Clean Startset to 1 then if the existing Network Connection has a Will Message it will besent because the original Session is ended on the takeover.
2. The Server MUST perform the processing of Clean Startthat is described insection 3.1.2.4[MQTT-3.1.4-4].
3. The Server MUST acknowledge the CONNECT packet with aCONNACK packet containing a 0x00 (Success) Reason Code[MQTT-3.1.4-5].
Non-normative comment
It is recommended thatauthentication and authorization checks be performed if the Server is beingused to process any form of business critical data. If these checks succeed,the Server responds by sending CONNACK with a 0x00 (Success) Reason Code. Ifthey fail, it is suggested that the Server does not send a CONNACK at all, asthis could alert a potential attacker to the presence of the MQTT Server andencourage such an attacker to launch a denial of service or password-guessingattack.
4. Startmessage delivery and Keep Alive monitoring.
Clients are allowed to send further MQTT Control Packetsimmediately after sending a CONNECT packet; Clients need not wait for a CONNACKpacket to arrive from the Server.If the Serverrejects the CONNECT, it MUST NOT process any data sent by the Client after theCONNECT packet except AUTH packets[MQTT-3.1.4-6].
Non-normative comment
Clients typically wait for aCONNACK packet, However, if the Client exploits its freedom to send MQTT ControlPackets before it receives a CONNACK, it might simplify the Clientimplementation as it does not have to police the connected state. The Client acceptsthat any data that it sends before it receives a CONNACK packet from the Serverwill not be processed if the Server rejects the connection.
Non-normative comment
Clients that send MQTT ControlPackets before they receive CONNACK will be unaware of the Server constraintsand whether any existing Session is being used.
Non-normative comment
The Server can limit reading fromthe Network Connection or close the Network Connection if the Client sends toomuch data before authentication is complete. This is suggested as a way ofavoiding denial of service attacks.
3.2 CONNACK – Connectacknowledgement
The CONNACK packet is the packet sent by the Server inresponse to a CONNECT packet received from a Client.The Server MUST send a CONNACK with a 0x00 (Success) Reason Code beforesending any Packet other than AUTH[MQTT-3.2.0-1].The Server MUST NOT send more than one CONNACKin a Network Connection[MQTT-3.2.0-2].
If the Client does not receive aCONNACK packet from the Server within a reasonable amount of time, the ClientSHOULD close the Network Connection. A "reasonable" amount of timedepends on the type of application and the communications infrastructure.
The Fixed Header format is illustrated in Figure 3-7.
Figure 3‑7 – CONNACK packet Fixed Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control Packet Type (2) | Reserved |
| 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 |
byte 2 | Remaining Length |
Remaining Length field
This is the length of the VariableHeader encoded as a Variable Byte Integer.
The Variable Header of the CONNACK Packet contains thefollowing fields in the order: Connect Acknowledge Flags, Connect Reason Code, andProperties. The rules for encoding Properties are described insection 2.2.2.
3.2.2.1 Connect Acknowledge Flags
Byte 1 is the "ConnectAcknowledge Flags". Bits 7-1 are reserved and MUST be set to 0[MQTT-3.2.2-1].
Bit 0 is the Session Present Flag.
Position: bit 0 of the Connect Acknowledge Flags.
The Session Present flag informs the Client whether theServer is using Session State from a previous connection for this ClientID.This allows the Client and Server to have a consistent view of the SessionState.
If the Server accepts aconnection with Clean Start set to 1, the Server MUST set Session Present to 0in the CONNACK packet in addition to setting a 0x00 (Success) Reason Code inthe CONNACK packet[MQTT-3.2.2-2].
If the Server accepts aconnection with Clean Start set to 0 and the Server has Session State for theClientID, it MUST set Session Present to 1 in the CONNACK packet, otherwise itMUST set Session Present to 0 in the CONNACK packet. In both cases it MUST seta 0x00 (Success) Reason Code in the CONNACK packet [MQTT-3.2.2-3].
If the value of Session Present received by the Client fromthe Server is not as expected, the Client proceeds as follows:
· If the Client does not haveSession State and receives Session Present set to 1 it MUST close the NetworkConnection[MQTT-3.2.2-4]. If it wishesto restart with a new Session the Client can reconnect using Clean Start set to1.
· If the Client does have SessionState and receives Session Present set to 0 it MUST discard its Session Stateif it continues with the Network Connection[MQTT-3.2.2-5].
If a Server sends a CONNACKpacket containing a non-zero Reason Code it MUST set Session Present to 0[MQTT-3.2.2-6].
3.2.2.2 Connect Reason Code
Byte 2 in the Variable Header is the Connect Reason Code.
The values the Connect Reason Code are shown below. If awell formed CONNECT packet is received by the Server, but the Server is unableto complete the Connection the Server MAY send a CONNACK packet containing theappropriate Connect Reason code from this table.Ifa Server sends a CONNACK packet containing a Reason code of 128 or greater itMUST then close the Network Connection[MQTT-3.2.2-7].
Table3‑1 - Connect Reason Code values
Value | Hex | Reason Code name | Description |
0 | 0x00 | Success | The Connection is accepted. |
128 | 0x80 | Unspecified error | The Server does not wish to reveal the reason for the failure, or none of the other Reason Codes apply. |
129 | 0x81 | Malformed Packet | Data within the CONNECT packet could not be correctly parsed. |
130 | 0x82 | Protocol Error | Data in the CONNECT packet does not conform to this specification. |
131 | 0x83 | Implementation specific error | The CONNECT is valid but is not accepted by this Server. |
132 | 0x84 | Unsupported Protocol Version | The Server does not support the version of the MQTT protocol requested by the Client. |
133 | 0x85 | Client Identifier not valid | The Client Identifier is a valid string but is not allowed by the Server. |
134 | 0x86 | Bad User Name or Password | The Server does not accept the User Name or Password specified by the Client |
135 | 0x87 | Not authorized | The Client is not authorized to connect. |
136 | 0x88 | Server unavailable | The MQTT Server is not available. |
137 | 0x89 | Server busy | The Server is busy. Try again later. |
138 | 0x8A | Banned | This Client has been banned by administrative action. Contact the server administrator. |
140 | 0x8C | Bad authentication method | The authentication method is not supported or does not match the authentication method currently in use. |
144 | 0x90 | Topic Name invalid | The Will Topic Name is not malformed, but is not accepted by this Server. |
149 | 0x95 | Packet too large | The CONNECT packet exceeded the maximum permissible size. |
151 | 0x97 | Quota exceeded | An implementation or administrative imposed limit has been exceeded. |
153 | 0x99 | Payload format invalid | The Will Payload does not match the specified Payload Format Indicator. |
154 | 0x9A | Retain not supported | The Server does not support retained messages, and Will Retain was set to 1. |
155 | 0x9B | QoS not supported | The Server does not support the QoS set in Will QoS. |
156 | 0x9C | Use another server | The Client should temporarily use another server. |
157 | 0x9D | Server moved | The Client should permanently use another server. |
159 | 0x9F | Connection rate exceeded | The connection rate limit has been exceeded. |
The Server sending theCONNACK packet MUST use one of the Connect Reason Code valuesT-3.2.2-8].
Non-normativecomment
Reason Code 0x80 (Unspecifiederror) may be used where the Server knows the reason for the failure but doesnot wish to reveal it to the Client, or when none of the other Reason Codevalues applies.
The Server may choose to close the NetworkConnection without sending a CONNACK to enhance security in the case where anerror is found on the CONNECT. For instance, when on a public network and theconnection has not been authorized it might be unwise to indicate that this isan MQTT Server.
This is the length of the Properties in the CONNACK packet VariableHeader encoded as a Variable Byte Integer.
17 (0x11) Byte, Identifier of the Session ExpiryInterval.
Followed by the Four Byte Integer representing the SessionExpiry Interval in seconds. It is a Protocol Error to include the SessionExpiry Interval more than once.
If the Session Expiry Interval is absent the value in theCONNECT Packet used. The server uses this property to inform the Client that itis using a value other than that sent by the Client in the CONNACK. Refer to section3.1.2.11.2 for a description of the use of Session Expiry Interval.
3.2.2.3.3 Receive Maximum
33 (0x21) Byte, Identifier of the Receive Maximum.
Followed by the Two Byte Integer representing the ReceiveMaximum value. It is a Protocol Error to include the Receive Maximum value morethan once or for it to have the value 0.
The Server uses this value to limit the number of QoS 1 andQoS 2 publications that it is willing to process concurrently for the Client. Itdoes not provide a mechanism to limit the QoS 0 publications that the Clientmight try to send.
If the Receive Maximum value isabsent, then its value defaults to 65,535.
Refer tosection4.9 Flow Control for details of how the Receive Maximum is used.
36 (0x24) Byte, Identifier of the Maximum QoS.
Followed by a Byte with a value of either 0 or 1. It is aProtocol Error to include Maximum QoS more than once, or to have a value otherthan 0 or 1. If the Maximum QoS is absent, the Client uses a Maximum QoS of 2.
If a Server does not supportQoS 1 or QoS 2 PUBLISH packets it MUST send a Maximum QoS in the CONNACK packetspecifying the highest QoS it supports[MQTT-3.2.2-9].A Server that does not support QoS 1 or QoS 2PUBLISH packets MUST still accept SUBSCRIBE packets containing a Requested QoSof 0, 1 or 2[MQTT-3.2.2-10].
If a Client receives aMaximum QoS from a Server, it MUST NOT send PUBLISH packets at a QoS level exceedingthe Maximum QoS level specified[MQTT-3.2.2-11].It is a Protocol Error if the Server receives a PUBLISH packet with a QoSgreater than the Maximum QoS it specified. In this case use DISCONNECT withReason Code 0x9B (QoS not supported) as described insection4.13 Handling errors.
If a Server receives aCONNECT packet containing a Will QoS that exceeds its capabilities, it MUSTreject the connection. It SHOULD use a CONNACK packet with Reason Code 0x9B(QoS not supported)as described insection 4.13 Handling errors, and MUST close the Network Connection[MQTT-3.2.2-12].
Non-normativecomment
A Client does not need to supportQoS 1 or QoS 2 PUBLISH packets. If this is the case, the Client simplyrestricts the maximum QoS field in any SUBSCRIBE commands it sends to a valueit can support.
37 (0x25) Byte, Identifier of Retain Available.
Followed by a Byte field. If present, this byte declareswhether the Server supports retained messages. A value of 0 means that retainedmessages are not supported. A value of 1 means retained messages are supported.If not present, then retained messages are supported. It is a Protocol Error toinclude Retain Available more than once or to use a value other than 0 or 1.
If a Server receives aCONNECT packet containing a Will Message with the Will Retain set to 1, and itdoes not support retained messages, the Server MUST reject the connectionrequest. It SHOULD send CONNACK with Reason Code 0x9A (Retain not supported)and then it MUST close the Network Connection[MQTT-3.2.2-13].
A Client receiving RetainAvailable set to 0 from the Server MUST NOT send a PUBLISH packet with theRETAIN flag set to 1[MQTT-3.2.2-14]. Ifthe Server receives such a packet, this is a Protocol Error. The Server SHOULDsend a DISCONNECT with Reason Code of 0x9A (Retain not supported) as describedinsection 4.13.
39 (0x27) Byte, Identifier of the Maximum PacketSize.
Followed by a Four Byte Integer representing the MaximumPacket Size the Server is willing to accept. If the Maximum Packet Size is notpresent, there is no limit on the packet size imposed beyond the limitations inthe protocol as a result of the remaining length encoding and the protocolheader sizes.
It is a Protocol Error to include the Maximum Packet Size morethan once, or for the value to be set to zero.
The packet size is the total numberof bytes in an MQTT Control Packet, as defined insection 2.1.4. The Server uses theMaximum Packet Size to inform the Client that it will not process packets whosesize exceeds this limit.
The Client MUSTNOT send packets exceeding Maximum Packet Size to the Server[MQTT-3.2.2-15]. If a Server receives a packet whose size exceeds this limit, this isa Protocol Error, the Server uses DISCONNECT with Reason Code 0x95 (Packet too large),as described insection 4.13.
18 (0x12) Byte, Identifier of the Assigned ClientIdentifier.
Followed by the UTF-8 string which is the Assigned ClientIdentifier. It is a Protocol Error to include the Assigned Client Identifiermore than once.
The Client Identifier which was assigned by theServer because a zero length Client Identifier was found in the CONNECT packet.
If the Client connects usinga zero length Client Identifier, the Server MUST respond with a CONNACKcontaining an Assigned Client Identifier. The Assigned Client Identifier MUSTbe a new Client Identifier not used by any other Session currently in theServer[MQTT-3.2.2-16].
34 (0x22) Byte, Identifier of the Topic Alias Maximum.
Followed by the Two Byte Integer representing the TopicAlias Maximum value. It is a Protocol Error to include the Topic Alias Maximumvalue more than once. If the Topic Alias Maximum property is absent, thedefault value is 0.
This value indicates the highest value that the Server willaccept as a Topic Alias sent by the Client. The Server uses this value to limitthe number of Topic Aliases that it is willing to hold on this Connection.The Client MUST NOT send a Topic Alias in a PUBLISHpacket to the Server greater than this value[MQTT-3.2.2-17].A value of 0 indicates that the Server does not accept any Topic Aliases onthis connection.If Topic Alias Maximum isabsent or 0, the Client MUST NOT send any Topic Aliases on to the Server[MQTT-3.2.2-18].
31 (0x1F) Byte Identifier of the Reason String.
Followed by the UTF-8 Encoded String representing the reasonassociated with this response. This Reason String is a human readable stringdesigned for diagnostics and SHOULD NOT be parsed by the Client.
The Server uses this value to give additional information tothe Client.The Server MUST NOT send thisproperty if it would increase the size of the CONNACK packet beyond the MaximumPacket Size specified by the Client[MQTT-3.2.2-19].It is a Protocol Error to include the Reason String more than once.
Non-normativecomment
Proper uses for the reason stringin the Client would include using this information in an exception thrown by theClient code, or writing this string to a log.
38 (0x26) Byte,Identifierof User Property.
Followed by a UTF-8String Pair. This property can be used to provide additional information to theClient including diagnostic information.The ServerMUST NOT send this property if it would increase the size of the CONNACK packetbeyond the Maximum Packet Size specified by the Client[MQTT-3.2.2-20]. The User Property is allowed toappear multiple times to represent multiple name, value pairs. The same name isallowed to appear more than once.
The content and meaning of thisproperty is not defined by this specification. The receiver of a CONNACKcontaining this property MAY ignore it.
40 (0x28) Byte, Identifier of Wildcard SubscriptionAvailable.
Followed by a Byte field. If present, this byte declareswhether the Server supports Wildcard Subscriptions. A value is 0 means thatWildcard Subscriptions are not supported. A value of 1 means WildcardSubscriptions are supported. If not present, then Wildcard Subscriptions aresupported. It is a Protocol Error to include the Wildcard SubscriptionAvailable more than once or to send a value other than 0 or 1.
If the Server receives a SUBSCRIBE packet containing a WildcardSubscription and it does not support Wildcard Subscriptions, this is a ProtocolError. The Server uses DISCONNECT with Reason Code 0xA2 (Wildcard Subscriptionsnot supported) as described insection 4.13.
If a Server supports Wildcard Subscriptions, it can still rejecta particular subscribe request containing a Wildcard Subscription. In this casethe Server MAY send a SUBACK Control Packet with a Reason Code 0xA2 (WildcardSubscriptions not supported).
41 (0x29) Byte, Identifier of Subscription IdentifierAvailable.
Followed by a Byte field. If present, this byte declareswhether the Server supports Subscription Identifiers. A value is 0 means thatSubscription Identifiers are not supported. A value of 1 means SubscriptionIdentifiers are supported. If not present, then Subscription Identifiers aresupported. It is a Protocol Error to include the Subscription IdentifierAvailable more than once, or to send a value other than 0 or 1.
If the Server receives a SUBSCRIBE packet containingSubscription Identifier and it does not support Subscription Identifiers, thisis a Protocol Error. The Server uses DISCONNECT with Reason Code of 0xA1(Subscription Identifiers not supported) as described insection4.13.
42 (0x2A) Byte, Identifier of Shared SubscriptionAvailable.
Followed by a Byte field. If present, this byte declareswhether the Server supports Shared Subscriptions. A value is 0 means thatShared Subscriptions are not supported. A value of 1 means Shared Subscriptionsare supported. If not present, then Shared Subscriptions are supported. It is aProtocol Error to include the Shared Subscription Available more than once orto send a value other than 0 or 1.
If the Server receives a SUBSCRIBE packet containing SharedSubscriptions and it does not support Shared Subscriptions, this is a ProtocolError. The Server uses DISCONNECT with Reason Code 0x9E (Shared Subscriptionsnot supported) as described insection 4.13.
19 (0x13) Byte, Identifier of the Server Keep Alive.
Followed by a Two Byte Integer with the Keep Alive timeassigned by the Server.If the Server sends aServer Keep Alive on the CONNACK packet, the Client MUST use this value insteadof the Keep Alive value the Client sent on CONNECT[MQTT-3.2.2-21].Ifthe Server does not send the Server Keep Alive, the Server MUST use the KeepAlive value set by the Client on CONNECT[MQTT-3.2.2-22].It is a Protocol Error to include the Server Keep Alive more than once.
Non-normativecomment
The primary use of the Server KeepAlive is for the Server to inform the Client that it will disconnect the Clientfor inactivity sooner than the Keep Alive specified by the Client.
3.2.2.3.15 ResponseInformation
26 (0x1A) Byte, Identifier of the ResponseInformation.
Followed by a UTF-8 Encoded String which is used as thebasis for creating a Response Topic. The way in which the Client creates aResponse Topic from the Response Information is not defined by thisspecification. It is a Protocol Error to include the Response Information morethan once.
If the Client sends a Request Response Information with avalue 1, it is OPTIONAL for the Server to send the Response Information in theCONNACK.
Non-normativecomment
A common use of this is to pass aglobally unique portion of the topic tree which is reserved for this Client forat least the lifetime of its Session. This often cannot just be a random nameas both the requesting Client and the responding Client need to be authorizedto use it. It is normal to use this as the root of a topic tree for aparticular Client. For the Server to return this information, it normally needsto be correctly configured. Using this mechanism allows this configuration tobe done once in the Server rather than in each Client.
Refer tosection 4.10 for more information about Request/ Response.
28 (0x1C) Byte, Identifier of the Server Reference.
Followed by a UTF-8 Encoded String which can be used by theClient to identify another Server to use. It is a Protocol Error to include theServer Reference more than once.
The Server uses a Server Reference in either a CONNACK orDISCONNECT packet with Reason code of 0x9C (Use another server) or Reason Code0x9D (Server moved) as described insection 4.13.
Refer to section 4.11 Server redirection for informationabout how Server Reference is used.
21 (0x15) Byte, Identifier of the AuthenticationMethod.
Followed by a UTF-8 Encoded String containing the name ofthe authentication method. It is a Protocol Error to include the AuthenticationMethod more than once. Refer tosection4.12 for more information about extended authentication.
22 (0x16) Byte, Identifier of the AuthenticationData.
Followed by Binary Data containing authentication data. Thecontents of this data are defined by the authentication method and the state ofalready exchanged authentication data. It is a Protocol Error to include theAuthentication Data more than once. Refer tosection4.12 for more information about extended authentication.
3.2.3CONNACK Payload
The CONNACK packet has no Payload.
A PUBLISH packet is sent from a Client to a Server or from aServer to a Client to transport an Application Message.
3.3.1PUBLISH Fixed Header
Figure3‑8 – PUBLISH packet Fixed Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control Packet type (3) | DUP flag | QoS level | RETAIN |
| 0 | 0 | 1 | 1 | X | X | X | X |
byte 2… | Remaining Length |
Position: byte 1, bit 3.
If the DUP flag is set to 0, it indicates that this is thefirst occasion that the Client or Server has attempted to send this PUBLISH packet.If the DUP flag is set to 1, it indicates that this might be re-delivery of anearlier attempt to send the packet.
The DUP flag MUST be set to1 by the Client or Server when it attempts to re-deliver a PUBLISH packet[MQTT-3.3.1-1].TheDUP flag MUST be set to 0 for all QoS 0 messages[MQTT-3.3.1-2].
The value of the DUP flag from an incoming PUBLISH packet isnot propagated when the PUBLISH packet is sent to subscribers by the Server.The DUP flag in the outgoing PUBLISH packet is setindependently to the incoming PUBLISH packet, its value MUST be determinedsolely by whether the outgoing PUBLISH packet is a retransmission[MQTT-3.3.1-3].
Non-normativecomment
The receiver of an MQTT ControlPacket that contains the DUP flag set to 1 cannot assume that it has seen anearlier copy of this packet.
Non-normativecomment
It is important to note that theDUP flag refers to the MQTT Control Packet itself and not to the ApplicationMessage that it contains. When using QoS 1, it is possible for a Client toreceive a PUBLISH packet with DUP flag set to 0 that contains a repetition ofan Application Message that it received earlier, but with a different PacketIdentifier. Section 2.2.1 provides moreinformation about Packet Identifiers.
Position: byte 1, bits 2-1.
This field indicates the level of assurance for delivery ofan Application Message. The QoS levels are shown below.
Table3‑2 - QoS definitions
QoS value | Bit 2 | bit 1 | Description |
0 | 0 | 0 | At most once delivery |
1 | 0 | 1 | At least once delivery |
2 | 1 | 0 | Exactly once delivery |
- | 1 | 1 | Reserved – must not be used |
If the Server included a Maximum QoS in its CONNACK responseto a Client and it receives a PUBLISH packet with a QoS greater than this, thenit uses DISCONNECT with Reason Code 0x9B (QoS not supported) as described insection 4.13 Handling errors.
A PUBLISH Packet MUST NOThave both QoS bits set to 1[MQTT-3.3.1-4].If a Server or Client receives a PUBLISH packet which has both QoS bits set to1 it is a Malformed Packet. Use DISCONNECT with Reason Code 0x81 (MalformedPacket) as described insection 4.13.
Position: byte 1, bit 0.
If the RETAIN flag is set to1 in a PUBLISH packet sent by a Client to a Server, the Server MUST replace anyexisting retained message for this topic and store the Application Message[MQTT-3.3.1-5], so that it can be delivered tofuture subscribers whose subscriptions match its Topic Name.If the Payload contains zero bytes it is processednormally by the Server but any retained message with the same topic name MUSTbe removed and any future subscribers for the topic will not receive a retainedmessage[MQTT-3.3.1-6].A retained message with a Payload containing zero bytesMUST NOT be stored as a retained message on the Server[MQTT-3.3.1-7].
If the RETAIN flag is 0 in aPUBLISH packet sent by a Client to a Server, the Server MUST NOT store the messageas a retained message and MUST NOT remove or replace any existing retainedmessage[MQTT-3.3.1-8].
If the Server included Retain Available in its CONNACKresponse to a Client with its value set to 0 and it receives a PUBLISH packetwith the RETAIN flag is set to 1, then it uses the DISCONNECT Reason Code of0x9A (Retain not supported) as described insection4.13.
When a new Non‑shared Subscription is made, the lastretained message, if any, on each matching topic name is sent to the Client asdirected by the Retain Handling Subscription Option. These messages are sentwith the RETAIN flag set to 1. Which retained messages are sent is controlledby the Retain Handling Subscription Option. At the time of the Subscription:
· If Retain Handling is set to 0the Server MUST send the retained messages matching the Topic Filter of thesubscription to the Client[MQTT-3.3.1-9].
· If Retain Handling is set to 1 thenif the subscription did not already exist, the Server MUST send all retainedmessage matching the Topic Filter of the subscription to the Client, and if thesubscription did exist the Server MUST NOT send the retained messages.[MQTT-3.3.1-10].
· If Retain Handling is set to 2,the Server MUST NOT send the retained messages[MQTT-3.3.1-11].
Refer tosection 3.8.3.1for a definition of the Subscription Options.
If the Server receives a PUBLISH packet with the RETAIN flagset to 1, and QoS 0 it SHOULD store the new QoS 0 message as the new retainedmessage for that topic, but MAY choose to discard it at any time. If thishappens there will be no retained message for that topic.
If the current retained message for a Topic expires, it isdiscarded and there will be no retained message for that topic.
The setting of the RETAIN flag in an Application Messageforwarded by the Server from an established connection is controlled by the RetainAs Published subscription option. Refer tosection3.8.3.1 for a definition of the Subscription Options.
· If the value of Retain AsPublished subscription option is set to 0, the Server MUST set the RETAIN flagto 0 when forwarding an Application Message regardless of how the RETAIN flagwas set in the received PUBLISH packet[MQTT-3.3.1-12].
· If the value of Retain As Publishedsubscription option is set to 1, the Server MUST set the RETAIN flag equal tothe RETAIN flag in the received PUBLISH packet[MQTT-3.3.1-13].
Non-normativecomment
Retained messages are useful wherepublishers send state messages on an irregular basis. A new non-sharedsubscriber will receive the most recent state.
This is the length of Variable Header plus the length of thePayload, encoded as a Variable Byte Integer.
The Variable Header of the PUBLISH Packet contains thefollowing fields in the order: Topic Name, Packet Identifier, and Properties.The rules for encoding Properties are described insection2.2.2.
The Topic Name identifies the information channel to which Payloaddata is published.
The Topic Name MUST bepresent as the first field in the PUBLISH packet Variable Header. It MUST be aUTF-8 Encoded String as defined insection1.5.4[MQTT-3.3.2-1].
TheTopic Name in the PUBLISH packet MUST NOT contain wildcard characters[MQTT-3.3.2-2].
The Topic Name in a PUBLISHpacket sent by a Server to a subscribing Client MUST match the Subscription’sTopic Filter according to the matching process defined insection 4.7[MQTT-3.3.2-3].However, as the Server is permitted to map the Topic Name to another name, itmight not be the same as the Topic Name in the original PUBLISH packet.
To reduce the size of the PUBLISH packet the sender can usea Topic Alias. The Topic Alias is described insection3.3.2.3.4. It is a Protocol Error if the Topic Name is zero length andthere is no Topic Alias.
The Packet Identifier field is only present in PUBLISH packetswhere the QoS level is 1 or 2.Section 2.2.1provides more information about Packet Identifiers.
The length of the Properties inthe PUBLISH packet Variable Header encoded as a Variable Byte Integer.
1 (0x01) Byte, Identifier of the Payload FormatIndicator.
Followed by the value of the Payload Forma t Indicator,either of:
· 0 (0x00) Byte Indicates that the Payload is unspecified bytes, whichis equivalent to not sending a Payload Format Indicator.
· 1 (0x01) Byte Indicates that the Payload is UTF-8 EncodedCharacter Data. The UTF-8 data in the PayloadMUST be well-formed UTF-8 as defined by theUnicode specification[Unicode] and restated in RFC 3629[RFC3629].
A Server MUST send thePayload Format Indicator unaltered to all subscribers receiving the ApplicationMessage[MQTT-3.3.2-4]. The receiver MAYvalidate that the Payload is of the format indicated, and if it is not send aPUBACK, PUBREC, or DISCONNECT with Reason Code of 0x99 (Payload format invalid)as described insection 4.13. Refer tosection5.4.9 for information about security issues invalidating the payload format.
2 (0x02) Byte, Identifier of the Message Expiry Interval.
Followed by the Four Byte Integer representing the Message ExpiryInterval.
If present, the Four Byte value is the lifetime of the ApplicationMessage in seconds.If the Message ExpiryInterval has passed and the Server has not managed to start onward delivery toa matching subscriber, then it MUST delete the copy of the message for thatsubscriber[MQTT-3.3.2-5].
If absent, the Application Messagedoes not expire.
The PUBLISH packet sent to aClient by the Server MUST contain a Message Expiry Interval set to the receivedvalue minus the time that the Application Message has been waiting in theServer[MQTT-3.3.2-6].Refer tosection 4.1 for details and limitations of storedstate.
3.3.2.3.4 Topic Alias
35 (0x23) Byte, Identifier of the Topic Alias.
Followed by the Two Byte integer representing the TopicAlias value. It is a Protocol Error to include the Topic Alias value more thanonce.
A Topic Alias is an integer value that is used to identifythe Topic instead of using the Topic Name. This reduces the size of the PUBLISHpacket, and is useful when the Topic Names are long and the same Topic Namesare used repetitively within a Network Connection.
The sender decides whether to use a Topic Alias and choosesthe value. It sets a Topic Alias mapping by including a non-zero length TopicName and a Topic Alias in the PUBLISH packet. The receiver processes thePUBLISH as normal but also sets the specified Topic Alias mapping to this TopicName.
If a Topic Alias mapping has been set at the receiver, asender can send a PUBLISH packet that contains that Topic Alias and a zero lengthTopic Name. The receiver then treats the incoming PUBLISH as if it hadcontained the Topic Name of the Topic Alias.
A sender can modify the Topic Alias mapping by sendinganother PUBLISH in the same Network Connection with the same Topic Alias valueand a different non-zero length Topic Name.
Topic Alias mappings exist only within a Network Connectionand last only for the lifetime of that Network Connection.A receiver MUST NOT carry forward any Topic Alias mappingsfrom one Network Connection to another[MQTT-3.3.2-7].
A Topic Alias of 0 is not permitted.A sender MUST NOT send a PUBLISH packet containing a Topic Alias whichhas the value 0[MQTT-3.3.2-8].
A Client MUST NOT send aPUBLISH packet with a Topic Alias greater than the Topic Alias Maximum valuereturned by the Server in the CONNACK packet[MQTT-3.3.2-9].A Client MUST accept all Topic Alias valuesgreater than 0 and less than or equal to the Topic Alias Maximum value that itsent in the CONNECT packet[MQTT-3.3.2-10].
A Server MUST NOT send aPUBLISH packet with a Topic Alias greater than the Topic Alias Maximum valuesent by the Client in the CONNECT packet[MQTT-3.3.2-11].A Server MUST accept all Topic Alias valuesgreater than 0 and less than or equal to the Topic Alias Maximum value that itreturned in the CONNACK packet[MQTT-3.3.2-12].
The Topic Alias mappings used by the Client and Server areindependent from each other. Thus, when a Client sends a PUBLISH containing aTopic Alias value of 1 to a Server and the Server sends a PUBLISH with a TopicAlias value of 1 to that Client they will in general be referring to differentTopics.
3.3.2.3.5Response Topic
8 (0x08)Byte, Identifier of theResponse Topic.
Followed by aUTF-8 Encoded String which is used as the Topic Name for a response message.The Response Topic MUST be a UTF-8 Encoded Stringas defined insection 1.5.4[MQTT-3.3.2-13].The Response Topic MUST NOT containwildcard characters[MQTT-3.3.2-14]. It is a Protocol Error to include the ResponseTopic more than once. The presence of a Response Topic identifies the Messageas a Request.
Refertosection4.10 for more information about Request/ Response.
The Server MUSTsend the Response Topic unaltered to all subscribers receiving the ApplicationMessage[MQTT-3.3.2-15].
Non-normative comment:
The receiver of an Application Message with a Response Topicsends a response by using the Response Topic as the Topic Name of a PUBLISH. Ifthe Request Message contains a Correlation Data, the receiver of the RequestMessage should also include this Correlation Data as a property in the PUBLISHpacket of the Response Message.
3.3.2.3.6 CorrelationData
9 (0x09) Byte, Identifier of the Correlation Data.
Followed by Binary Data. The Correlation Data is used by thesender of the Request Message to identify which request the Response Message isfor when it is received. It is a Protocol Error to include Correlation Datamore than once. If the Correlation Data is not present, the Requester does notrequire any correlation data.
TheServer MUST send the Correlation Data unaltered to all subscribers receivingthe Application Message[MQTT-3.3.2-16].The value of the Correlation Data only has meaning to the sender of the RequestMessage and receiver of the Response Message.
Non-normativecomment
The receiver of an ApplicationMessage which contains both a Response Topic and a Correlation Data sends aresponse by using the Response Topic as the Topic Name of a PUBLISH. The Clientshould also send the Correlation Data unaltered as part of the PUBLISH of theresponses.
Non-normative comment
If the Correlation Data containsinformation which can cause application failures if modified by the Client respondingto the request, it should be encrypted and/or hashed to allow any alteration tobe detected.
Refer tosection 4.10 formore information about Request / Response
38 (0x26) Byte, Identifier of the User Property.
Followed by a UTF-8 String Pair. The User Property is allowedto appear multiple times to represent multiple name, value pairs. The same nameis allowed to appear more than once.
The Server MUST send allUser Properties unaltered in a PUBLISH packet when forwarding the ApplicationMessage to a Client[MQTT-3.3.2-17].The Server MUST maintain the order of User Propertieswhen forwarding the Application Message[MQTT-3.3.2-18].
Non-normativecomment
This property is intended toprovide a means of transferring application layer name-value tags whose meaningand interpretation are known only by the application programs responsible forsending and receiving them.
11 (0x0B),Identifier of the Subscription Identifier.
Followed by aVariable Byte Integer representing the identifier of the subscription.
The SubscriptionIdentifier can have the value of 1 to 268,435,455. It is a Protocol Error ifthe Subscription Identifier has a value of 0. Multiple Subscription Identifierswill be included if the publication is the result of a match to more than onesubscription, in this case their order is not significant.
3 (0x03)Identifier of the Content Type.
Followed by a UTF-8Encoded String describing the content of the Application Message.The Content Type MUST be a UTF-8Encoded String as definedinsection1.5.4[MQTT-3.3.2-19].
It is a Protocol Error to include the ContentType more than once.The value of the Content Type is defined by thesending and receiving application.
AServer MUST send the Content Type unaltered to all subscribers receiving the ApplicationMessage[MQTT-3.3.2-20].
Non-normativecomment
The UTF-8 Encoded String may use a MIMEcontent type string to describe the contents of the Application message.However, since the sending and receiving applications are responsible for thedefinition and interpretation of the string, MQTT performs no validation of thestring except to insure it is a valid UTF-8 Encoded String.
Non-normative example
Figure 3-9 shows an example of a PUBLISHpacket with the Topic Name set to “a/b”, the Packet Identifier set to 10, andhaving no properties.
Figure3‑9- PUBLISH packet Variable Header non-normative example
| Description | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
Topic Name |
byte 1 | Length MSB (0) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 2 | Length LSB (3) | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 |
byte 3 | ‘a’ (0x61) | 0 | 1 | 1 | 0 | 0 | 0 | 0 | 1 |
byte 4 | ‘/’ (0x2F) | 0 | 0 | 1 | 0 | 1 | 1 | 1 | 1 |
byte 5 | ‘b’ (0x62) | 0 | 1 | 1 | 0 | 0 | 0 | 1 | 0 |
Packet Identifier |
byte 6 | Packet Identifier MSB (0) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 7 | Packet Identifier LSB (10) | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 |
Property Length |
byte 8 | No Properties | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
The Payload contains the Application Message that is beingpublished. The content and format of the data is application specific. Thelength of the Payload can be calculated by subtracting the length of the VariableHeader from the Remaining Length field that is in the Fixed Header. It is validfor a PUBLISH packet to contain a zero length Payload.
3.3.4 PUBLISH Actions
The receiver of a PUBLISHPacket MUST respond with the packet as determined by the QoS in the PUBLISHPacket[MQTT-3.3.4-1].
Table 3‑3 Expected PUBLISH packet response
QoS Level | Expected Response |
QoS 0 | None |
QoS 1 | PUBACK packet |
QoS 2 | PUBREC packet |
The Client uses a PUBLISH packet to send an ApplicationMessage to the Server, for distribution to Clients with matching subscriptions.
The Server uses a PUBLISH packet to send an ApplicationMessage to each Client which has a matching subscription. The PUBLISH packetincludes the Subscription Identifier carried in the SUBSCRIBE packet, if therewas one.
When Clients make subscriptions with Topic Filters thatinclude wildcards, it is possible for a Client’s subscriptions to overlap sothat a published message might match multiple filters.In this case the Server MUST deliver the message to the Client respectingthe maximum QoS of all the matching subscriptions[MQTT-3.3.4-2]. In addition, the Server MAY deliverfurther copies of the message, one for each additional matching subscriptionand respecting the subscription’s QoS in each case.
If a Client receives an unsolicited Application Message (notresulting from a subscription) which has a QoS greater than Maximum QoS, ituses a DISCONNECT packet with Reason Code 0x9B (QoS not supported ) asdescribed insection 4.13 Handling errors.
If the Client specified aSubscription Identifier for any of the overlapping subscriptions the ServerMUST send those Subscription Identifiers in the message which is published asthe result of the subscriptions[MQTT-3.3.4-3].If the Server sends a single copy of themessage it MUST include in the PUBLISH packet the Subscription Identifiers forall matching subscriptions which have a Subscription Identifiers, their orderis not significant[MQTT-3.3.4-4].If the Server sends multiple PUBLISH packets it MUSTsend, in each of them, the Subscription Identifier of the matching subscriptionif it has a Subscription Identifier[MQTT-3.3.4-5].
It is possible that the Client made several subscriptions whichmatch a publication and that it used the same identifier for more than one ofthem. In this case the PUBLISH packet will carry multiple identical SubscriptionIdentifiers.
It is a Protocol Error for a PUBLISH packet to contain any SubscriptionIdentifier other than those received in SUBSCRIBE packet which caused it toflow.A PUBLISH packet sent from a Client to a ServerMUST NOT contain a Subscription Identifier[MQTT-3.3.4-6].
If the subscription was shared, then only the Subscription Identifiersthat were present in the SUBSCRIBE packet from the Client which is receivingthe message are returned in the PUBLISH packet.
The action of the recipient when it receives a PUBLISH packetdepends on the QoS level as described insection4.3.
If the PUBLISH packet contains a Topic Alias, the receiverprocesses it as follows:
1) A Topic Aliasvalue of 0 or greater than the Maximum Topic Alias is a Protocol Error, thereceiver uses DISCONNECT with Reason Code of 0x94 (Topic Alias invalid) asdescribed insection 4.13.
2) If the receiverhas already established a mapping for the Topic Alias, then
a) If the packethas a zero length Topic Name, the receiver processes it using the Topic Namethat corresponds to the Topic Alias
b) If the packetcontains a non-zero length Topic Name, the receiver processes the packet usingthat Topic Name and updates its mapping for the Topic Alias to the Topic Namefrom the incoming packet
3) If the receiverdoes not already have a mapping for this Topic Alias
a) If the packethas a zero length Topic Name field it is a Protocol Error and the receiver usesDISCONNECT with Reason Code of 0x82 (Protocol Error) as described insection 4.13.
b) If the packetcontains a Topic Name with a non-zero length, the receiver processes the packetusing that Topic Name and sets its mappings for the Topic Alias to Topic Namefrom the incoming packet.
Non-normative Comment
If the Server distributesApplication Messages to Clients at different protocol levels (such as MQTTV3.1.1) which do not support properties or other features provided by this specification,some information in the Application Message can be lost, and applications whichdepend on this information might not work correctly.
The Client MUST NOT sendmore than Receive Maximum QoS 1 and QoS 2 PUBLISH packets for which it has notreceived PUBACK, PUBCOMP, or PUBREC with a Reason Code of 128 or greater fromthe Server[MQTT-3.3.4-7]. If it receivesmore than Receive Maximum QoS 1 and QoS 2 PUBLISH packets where it has not senta PUBACK or PUBCOMP in response, the Server uses a DISCONNECT packet withReason Code 0x93 (Receive Maximum exceeded) as described insection 4.13 Handling errors. Refer tosection 4.9 for more information about flow control.
The Client MUST NOT delaythe sending of any packets other than PUBLISH packets due to having sentReceive Maximum PUBLISH packets without receiving acknowledgements for them[MQTT-3.3.4-8]. The value of Receive Maximumapplies only to the current Network Connection.
Non-normative comment
The Client might choose to sendfewer than Receive Maximum messages to the Server without receivingacknowledgement, even if it has more than this number of messages available tosend.
Non-normative comment
The Client might choose to suspendthe sending of QoS 0 PUBLISH packets when it suspends the sending of QoS 1 andQoS 2 PUBLISH packets.
Non-normative comment
If the Client sends QoS 1 or QoS 2PUBLISH packets before it has received a CONNACK packet, it risks being disconnectedbecause it has sent more than Receive Maximum publications.
The Server MUST NOT sendmore than Receive Maximum QoS 1 and QoS 2 PUBLISH packets for which it has notreceived PUBACK, PUBCOMP, or PUBREC with a Reason Code of 128 or greater fromthe Client[MQTT-3.3.4-9]. If it receivesmore than Receive Maximum QoS 1 and QoS 2 PUBLISH packets where it has not senta PUBACK or PUBCOMP in response, the Client uses DISCONNECT with Reason Code0x93 (Receive Maximum exceeded) as described insection4.13 Handling errors. Refer tosection 4.9 formore information about flow control.
The Server MUST NOT delaythe sending of any packets other than PUBLISH packets due to having sentReceive Maximum PUBLISH packets without receiving acknowledgements for them[MQTT-3.3.4-10].
Non-normative comment
The Server might choose to sendfewer than Receive Maximum messages to the Client without receivingacknowledgement, even if it has more than this number of messages available tosend.
Non-normative comment
The Server might choose to suspendthe sending of QoS 0 PUBLISH packets when it suspends the sending of QoS 1 andQoS 2 PUBLISH packets.
3.4PUBACK – Publish acknowledgement
A PUBACK packet is the response to a PUBLISH packet with QoS1.
Figure 3‑10 - PUBACK packet Fixed Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control Packet type (4) | Reserved |
| 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 2 | Remaining Length |
Remaining Length field
This is the length of the Variable Header, encoded as a VariableByte Integer.
The Variable Header of the PUBACK Packet contains thefollowing fields in the order: Packet Identifier from the PUBLISH packet thatis being acknowledged, PUBACK Reason Code, Property Length, and the Properties.The rules for encoding Properties are described insection2.2.2.
Figure3‑11– PUBACK packet Variable Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | Packet Identifier MSB |
byte 2 | Packet Identifier LSB |
byte 3 | PUBACK Reason Code |
byte 4 | Property Length |
Byte 3 in the Variable Header is the PUBACK Reason Code. Ifthe Remaining Length is 2, then there is no Reason Code and the value of 0x00(Success) is used.
Table3‑4 - PUBACK Reason Codes
Value | Hex | Reason Code name | Description |
0 | 0x00 | Success | The message is accepted. Publication of the QoS 1 message proceeds. |
16 | 0x10 | No matching subscribers | The message is accepted but there are no subscribers. This is sent only by the Server. If the Server knows that there are no matching subscribers, it MAY use this Reason Code instead of 0x00 (Success). |
128 | 0x80 | Unspecified error | The receiver does not accept the publish but either does not want to reveal the reason, or it does not match one of the other values. |
131 | 0x83 | Implementation specific error | The PUBLISH is valid but the receiver is not willing to accept it. |
135 | 0x87 | Not authorized | The PUBLISH is not authorized. |
144 | 0x90 | Topic Name invalid | The Topic Name is not malformed, but is not accepted by this Client or Server. |
145 | 0x91 | Packet identifier in use | The Packet Identifier is already in use. This might indicate a mismatch in the Session State between the Client and Server. |
151 | 0x97 | Quota exceeded | An implementation or administrative imposed limit has been exceeded. |
153 | 0x99 | Payload format invalid | The payload format does not match the specified Payload Format Indicator. |
The Client or Server sendingthe PUBACK packet MUST use one of the PUBACK Reason Codes[MQTT-3.4.2-1]. The Reason Code and Property Lengthcan be omitted if the Reason Code is 0x00 (Success) and there are noProperties. In this case the PUBACK has a Remaining Length of 2.
3.4.2.2 PUBACK Properties
The length of the Properties in the PUBACK packet VariableHeader encoded as a Variable Byte Integer. If the Remaining Length is less than4 there is no Property Length and the value of 0 is used.
31 (0x1F) Byte, Identifier of the Reason String.
Followed by the UTF-8 Encoded String representing the reasonassociated with this response. This Reason String is a human readable stringdesigned for diagnostics and is not intended to be parsed by the receiver.
The sender uses this value to give additional information tothe receiver.The sender MUST NOT send thisproperty if it would increase the size of the PUBACK packet beyond the MaximumPacket Size specified by the receiver[MQTT-3.4.2-2].It is a Protocol Error to include the Reason String more than once.
38 (0x26) Byte,Identifier of the User Property.
Followed by UTF-8 String Pair. This property can be used toprovide additional diagnostic or other information.The sender MUST NOT send this property if it would increase the size ofthe PUBACK packet beyond the Maximum Packet Size specified by the receiver[MQTT-3.4.2-3]. The User Property is allowed toappear multiple times to represent multiple name, value pairs. The same name isallowed to appear more than once.
3.4.3 PUBACK Payload
The PUBACK packet has no Payload.
This is described insection 4.3.2.
A PUBREC packet is the response to a PUBLISH packet with QoS2. It is the second packet of the QoS 2 protocol exchange.
Figure 3‑12- PUBREC packet Fixed Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control Packet type (5) | Reserved |
| 0 | 1 | 0 | 1 | 0 | 0 | 0 | 0 |
byte 2 | Remaining Length |
Remaining Length field
This is the length of the VariableHeader, encoded as a Variable Byte Integer.
The Variable Header of the PUBREC Packet consists of thefollowing fields in the order: the Packet Identifier from the PUBLISH packetthat is being acknowledged, PUBREC Reason Code, and Properties. The rules forencoding Properties are described in section 2.2.2.
Figure3‑13 - PUBREC packet Variable Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | Packet Identifier MSB |
byte 2 | Packet Identifier LSB |
byte 3 | PUBREC Reason Code |
byte 4 | Property Length |
Byte 3 in the Variable Header is the PUBREC Reason Code. Ifthe Remaining Length is 2, then the Publish Reason Code has the value 0x00(Success).
Table3‑5 – PUBREC Reason Codes
Value | Hex | Reason Code name | Description |
0 | 0x00 | Success | The message is accepted. Publication of the QoS 2 message proceeds. |
16 | 0x10 | No matching subscribers. | The message is accepted but there are no subscribers. This is sent only by the Server. If the Server knows that there are no matching subscribers, it MAY use this Reason Code instead of 0x00 (Success). |
128 | 0x80 | Unspecified error | The receiver does not accept the publish but either does not want to reveal the reason, or it does not match one of the other values. |
131 | 0x83 | Implementation specific error | The PUBLISH is valid but the receiver is not willing to accept it. |
135 | 0x87 | Not authorized | The PUBLISH is not authorized. |
144 | 0x90 | Topic Name invalid | The Topic Name is not malformed, but is not accepted by this Client or Server. |
145 | 0x91 | Packet Identifier in use | The Packet Identifier is already in use. This might indicate a mismatch in the Session State between the Client and Server. |
151 | 0x97 | Quota exceeded | An implementation or administrative imposed limit has been exceeded. |
153 | 0x99 | Payload format invalid | The payload format does not match the one specified in the Payload Format Indicator. |
The Client or Server sendingthe PUBREC packet MUST use one of the PUBREC Reason Code values.[MQTT-3.5.2-1]. The Reason Code and Property Lengthcan be omitted if the Reason Code is 0x00 (Success) and there are noProperties. In this case the PUBREC has a Remaining Length of 2.
The length of the Properties in the PUBREC packet VariableHeader encoded as a Variable Byte Integer. If the Remaining Length is less than4 there is no Property Length and the value of 0 is used.
31 (0x1F) Byte, Identifier of the Reason String.
Followed by the UTF-8 Encoded String representing the reasonassociated with this response. This Reason String is human readable, designedfor diagnostics and SHOULD NOT be parsed by the receiver.
The sender uses this value to give additional information tothe receiver.The sender MUST NOT send thisproperty if it would increase the size of the PUBREC packet beyond the MaximumPacket Size specified by the receiver[MQTT-3.5.2-2].It is a Protocol Error to include the Reason String more than once.
38 (0x26) Byte,Identifier of the User Property.
Followed by UTF-8 String Pair. This property can be used to provideadditional diagnostic or other information.Thesender MUST NOT send this property if it would increase the size of the PUBREC packetbeyond the Maximum Packet Size specified by the receiver[MQTT-3.5.2-3]. The User Property is allowed to appearmultiple times to represent multiple name, value pairs. The same name isallowed to appear more than once.
The PUBREC packet has no Payload.
This is described in section 4.3.3.
A PUBREL packet is the response to a PUBREC packet. It isthe third packet of the QoS 2 protocol exchange.
Figure 3‑14– PUBREL packet Fixed Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control Packet type (6) | Reserved |
| 0 | 1 | 1 | 0 | 0 | 0 | 1 | 0 |
byte 2 | Remaining Length |
Bits 3,2,1 and 0 of theFixed Header in the PUBREL packet are reserved and MUST be set to 0,0,1 and 0respectively. The Server MUST treat any other value as malformed and close theNetwork Connection[MQTT-3.6.1-1].
Remaining Length field
This is the length of the VariableHeader, encoded as a Variable Byte Integer.
The Variable Header of the PUBREL Packet contains thefollowing fields in the order: the Packet Identifier from the PUBREC packetthat is being acknowledged, PUBREL Reason Code, and Properties. The rules forencoding Properties are described insection 2.2.2.
Figure3‑15 – PUBREL packet Variable Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | Packet Identifier MSB |
byte 2 | Packet Identifier LSB |
byte 3 | PUBREL Reason Code |
byte 4 | Property Length |
Byte 3 in the Variable Header is the PUBREL Reason Code. Ifthe Remaining Length is 2, the value of 0x00 (Success) is used.
Table3‑6 - PUBREL Reason Codes
Value | Hex | Reason Code name | Description |
0 | 0x00 | Success | Message released. |
146 | 0x92 | Packet Identifier not found | The Packet Identifier is not known. This is not an error during recovery, but at other times indicates a mismatch between the Session State on the Client and Server. |
The Client or Server sendingthe PUBREL packet MUST use one of the PUBREL Reason Code values[MQTT-3.6.2-1]. The Reason Code and Property Lengthcan be omitted if the Reason Code is 0x00 (Success) and there are noProperties. In this case the PUBREL has a Remaining Length of 2.
The length of the Properties in the PUBREL packet VariableHeader encoded as a Variable Byte Integer. If the Remaining Length is less than4 there is no Property Length and the value of 0 is used.
31 (0x1F) Byte, Identifier of the Reason String.
Followed by the UTF-8 Encoded String representing the reasonassociated with this response. This Reason String is human readable, designedfor diagnostics and SHOULD NOT be parsed by the receiver.
The sender uses this value to give additional information tothe receiver.The sender MUST NOT send thisProperty if it would increase the size of the PUBREL packet beyond the MaximumPacket Size specified by the receiver[MQTT-3.6.2-2].It is a Protocol Error to include the Reason String more than once.
38 (0x26) Byte,Identifier of the User Property.
Followed by UTF-8 String Pair. This property can be used toprovide additional diagnostic or other information for the PUBREL.The sender MUST NOT send this property if it wouldincrease the size of the PUBREL packet beyond the Maximum Packet Size specifiedby the receiver[MQTT-3.6.2-3]. The UserProperty is allowed to appear multiple times to represent multiple name, valuepairs. The same name is allowed to appear more than once.
The PUBREL packet has no Payload.
This is described insection 4.3.3.
The PUBCOMP packet is the response to a PUBREL packet. It isthe fourth and final packet of the QoS 2 protocol exchange.
Figure 3‑16– PUBCOMP packet Fixed Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control packet type (7) | Reserved |
| 0 | 1 | 1 | 1 | 0 | 0 | 0 | 0 |
byte 2 | Remaining Length |
Remaining Length field
This is the length of the VariableHeader, encoded as a Variable Byte Integer.
The Variable Header of the PUBCOMP Packet contains thefollowing fields in the order: Packet Identifier from the PUBREL packet that isbeing acknowledged, PUBCOMP Reason Code, and Properties. The rules for encodingProperties are described insection 2.2.2.
Figure3‑17 - PUBCOMP packet Variable Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | Packet Identifier MSB |
byte 2 | Packet Identifier LSB |
byte 3 | PUBCOMP Reason Code |
byte 4 | Property Length |
Byte 3 in the Variable Header is the PUBCOMP Reason Code. Ifthe Remaining Length is 2, then the value 0x00 (Success) is used.
Table3‑7– PUBCOMP Reason Codes
Value | Hex | Reason Code name | Description |
0 | 0x00 | Success | Packet Identifier released. Publication of QoS 2 message is complete. |
146 | 0x92 | Packet Identifier not found | The Packet Identifier is not known. This is not an error during recovery, but at other times indicates a mismatch between the Session State on the Client and Server. |
The Client or Server sendingthe PUBCOMP packet MUST use one of the PUBCOMP Reason Code values[MQTT-3.7.2-1]. The Reason Code and Property Lengthcan be omitted if the Reason Code is 0x00 (Success) and there are noProperties. In this case the PUBCOMP has a Remaining Length of 2.
The length of the Properties in the PUBCOMP packet VariableHeader encoded as a Variable Byte Integer. If the Remaining Length is less than4 there is no Property Length and the value of 0 is used.
31 (0x1F) Byte, Identifier of the Reason String.
Followed by the UTF-8 Encoded String representing the reasonassociated with this response. This Reason String is a human readable stringdesigned for diagnostics and SHOULD NOT be parsed by the receiver.
The sender uses this value to give additional information tothe receiver.The sender MUST NOT send thisProperty if it would increase the size of the PUBCOMP packet beyond the MaximumPacket Size specified by the receiver[MQTT-3.7.2-2].It is a Protocol Error to include the Reason String more than once.
38 (0x26) Byte,Identifier of the User Property.
Followed by UTF-8 String Pair. This property can be used toprovide additional diagnostic or other information.The sender MUST NOT send this property if it would increase the size ofthe PUBCOMP packet beyond the Maximum Packet Size specified by the receiver[MQTT-3.7.2-3]. The User Property is allowed toappear multiple times to represent multiple name, value pairs. The same name isallowed to appear more than once.
The PUBCOMP packet has no Payload.
This is described insection 4.3.3.
The SUBSCRIBE packet is sent from the Client to the Serverto create one or more Subscriptions. Each Subscription registers a Client’sinterest in one or more Topics. The Server sends PUBLISH packets to the Clientto forward Application Messages that were published to Topics that match theseSubscriptions. The SUBSCRIBE packet also specifies (for each Subscription) themaximum QoS with which the Server can send Application Messages to the Client.
Figure 3‑18SUBSCRIBE packet Fixed Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control Packet type (8) | Reserved |
| 1 | 0 | 0 | 0 | 0 | 0 | 1 | 0 |
byte 2 | Remaining Length |
Bits 3,2,1 and 0 of theFixed Header of the SUBSCRIBE packet are reserved and MUST be set to 0,0,1 and0 respectively. The Server MUST treat any other value as malformed and closethe Network Connection[MQTT-3.8.1-1].
Remaining Length field
This is the length of VariableHeader plus the length of the Payload, encoded as a Variable Byte Integer.
The Variable Header of the SUBSCRIBE Packet contains thefollowing fields in the order: Packet Identifier, and Properties.Section 2.2.1 provides more information about PacketIdentifiers. The rules for encoding Properties are described insection 2.2.2.
Non-normative example
Figure 3-19 shows an example of aSUBSCRIBE variable header with a Packet Identifier of 10 and no properties.
Figure3‑19 – SUBSCRIBE Variable Header example
| Description | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
Packet Identifier |
byte 1 | Packet Identifier MSB (0) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 2 | Packet Identifier LSB (10) | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 |
byte 3 | Property Length (0) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
The length of Properties in the SUBSCRIBE packet VariableHeader encoded as a Variable Byte Integer.
11 (0x0B) Byte, Identifier of the SubscriptionIdentifier.
Followed by a Variable Byte Integer representing theidentifier of the subscription. The Subscription Identifier can have the valueof 1 to 268,435,455. It is a Protocol Error if the Subscription Identifier hasa value of 0. It is a Protocol Error to include the Subscription Identifiermore than once.
The Subscription Identifier is associated with anysubscription created or modified as the result of this SUBSCRIBE packet. Ifthere is a Subscription Identifier, it is stored with the subscription. If thisproperty is not specified, then the absence of a Subscription Identifier isstored with the subscription.
Refer tosection 3.8.3.1for more information about the handling of Subscription Identifiers.
38 (0x26) Byte, Identifier of the User Property.
Followed by a UTF-8 String Pair.
The User Property is allowed to appear multiple times torepresent multiple name, value pairs. The same name is allowed to appear morethan once.
Non-normative comment
User Properties on the SUBSCRIBEpacket can be used to send subscription related properties from the Client tothe Server. The meaning of these properties is not defined by this specification.
The Payload of a SUBSCRIBE packet contains a list of TopicFilters indicating the Topics to which the Client wants to subscribe.The Topic Filters MUST be a UTF-8 Encoded String[MQTT-3.8.3-1]. Each Topic Filter is followed bya Subscription Options byte.
The Payload MUST contain at leastone Topic Filter and Subscription Options pair[MQTT-3.8.3-2].A SUBSCRIBE packet with no Payload is a Protocol Error. Refer tosection 4.13 for information about handling errors.
3.8.3.1 SubscriptionOptions
Bits 0 and 1 of the Subscription Options represent MaximumQoS field. This gives the maximum QoS level at which the Server can sendApplication Messages to the Client. It is a Protocol Error if the Maximum QoS fieldhas the value 3.
Bit 2 of theSubscription Options represents the No Local option. If the value is 1,Application Messages MUST NOT be forwarded to a connection with a ClientIDequal to the ClientID of the publishing connection[MQTT-3.8.3-3].It is a Protocol Error toset the No Local bit to 1 on a Shared Subscription[MQTT-3.8.3-4].
Bit 3 of the Subscription Options represents theRetain As Published option. If 1, Application Messagesforwarded using this subscription keep the RETAIN flag they were publishedwith. If 0, Application Messages forwarded using this subscription have theRETAIN flag set to 0. Retained messages sent when the subscription isestablished have the RETAIN flag set to 1.
Bits 4 and 5 of the SubscriptionOptions represent the Retain Handling option. This option specifies whetherretained messages are sent when the subscription is established. This does notaffect the sending of retained messages at any point after the subscribe. Ifthere are no retained messages matching the Topic Filter, all of these valuesact the same. The values are:
0 = Send retained messages at thetime of the subscribe
1 = Send retained messages atsubscribe only if the subscription does not currently exist
2 = Do not send retained messagesat the time of the subscribe
It is a Protocol Error to send aRetain Handling value of 3.
Bits 6 and 7 of the Subscription Options byte are reservedfor future use.The Server MUST treat aSUBSCRIBE packet as malformed if any of Reserved bits in the Payload arenon-zero[MQTT-3.8.3-5].
Non-normativecomment
The NoLocal and Retain As Published subscription options can be used to implementbridging where the Client is sending the message on to another Server.
Non-normative comment
Notsending retained messages for an existing subscription is useful when areconnect is done and the Client is not certain whether the subscriptions werecompleted in the previous connection to the Session.
Non-normative comment
Notsending stored retained messages because of a new subscription is useful wherea Client wishes to receive change notifications and does not need to know theinitial state.
Non-normative comment
For aServer that indicates it does not support retained messages, all valid valuesof Retain As Published and Retain Handling give the same result which is to notsend any retained messages at subscribe and to set the RETAIN flag to 0 for allmessages.
Figure3‑20– SUBSCRIBE packet Payload format
Description | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
Topic Filter |
byte 1 | Length MSB |
byte 2 | Length LSB |
bytes 3..N | Topic Filter |
Subscription Options |
| Reserved | Retain Handling | RAP | NL | QoS |
byte N+1 | 0 | 0 | X | X | X | X | X | X |
RAP means Retain as Published.
NL means No Local.
Non-normativeexample
Figure 3.21 show the SUBSCRIBEPayload example with two Topic Filters. The first is “a/b” with QoS 1, and thesecond is “c/d” with QoS 2.
Figure 3‑21- Payload byte format non-normative example
| Description | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
Topic Filter |
byte 1 | Length MSB (0) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 2 | Length LSB (3) | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 |
byte 3 | ‘a’ (0x61) | 0 | 1 | 1 | 0 | 0 | 0 | 0 | 1 |
byte 4 | ‘/’ (0x2F) | 0 | 0 | 1 | 0 | 1 | 1 | 1 | 1 |
byte 5 | ‘b’ (0x62) | 0 | 1 | 1 | 0 | 0 | 0 | 1 | 0 |
Subscription Options |
byte 6 | Subscription Options (1) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 |
Topic Filter |
byte 7 | Length MSB (0) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 8 | Length LSB (3) | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 |
byte 9 | ‘c’ (0x63) | 0 | 1 | 1 | 0 | 0 | 0 | 1 | 1 |
byte 10 | ‘/’ (0x2F) | 0 | 0 | 1 | 0 | 1 | 1 | 1 | 1 |
byte 11 | ‘d’ (0x64) | 0 | 1 | 1 | 0 | 0 | 1 | 0 | 0 |
Subscription Options |
byte 12 | Subscription Options (2) | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 |
When the Server receives aSUBSCRIBE packet from a Client, the Server MUST respond with a SUBACK packet[MQTT-3.8.4-1].TheSUBACK packet MUST have the same Packet Identifier as the SUBSCRIBE packet thatit is acknowledging[MQTT-3.8.4-2].
The Server is permitted to start sending PUBLISH packetsmatching the Subscription before the Server sends the SUBACK packet.
If a Server receives aSUBSCRIBE packet containing a Topic Filter that is identical to a Non‑sharedSubscription’s Topic Filter for the current Session, then it MUST replace thatexisting Subscription with a new Subscription[MQTT-3.8.4-3].The Topic Filter in the new Subscription will be identical to that in theprevious Subscription, although its Subscription Options could be different.If the Retain Handling option is 0, any existingretained messages matching the Topic Filter MUST be re-sent, but ApplicatonMessages MUST NOT be lost due to replacing the Subscription[MQTT-3.8.4-4].
If a Server receives a Non‑shared Topic Filter that isnot identical to any Topic Filter for the current Session, a new Non-sharedSubscription is created. If the Retain Handling option is not 2, all matchingretained messages are sent to the Client.
If a Server receives a Topic Filter that is identical to theTopic Filter for a Shared Subscription that already exists on the Server, theSession is added as a subscriber to that Shared Subscription. No retainedmessages are sent.
If a Server receives a Shared Subscription Topic Filter thatis not identical to any existing Shared Subscription’s Topic Filter, a newShared Subscription is created. The Session is added as a subscriber to thatShared Subscription. No retained messages are sent.
Refer tosection 4.8 for more details on SharedSubscriptions.
If a Server receives aSUBSCRIBE packet that contains multiple Topic Filters it MUST handle thatpacket as if it had received a sequence of multiple SUBSCRIBE packets, exceptthat it combines their responses into a single SUBACK response[MQTT-3.8.4-5].
The SUBACK packet sent bythe Server to the Client MUST contain a Reason Code for each TopicFilter/Subscription Option pair[MQTT-3.8.4-6].This Reason Code MUST either show the maximumQoS that was granted for that Subscription or indicate that the subscriptionfailed[MQTT-3.8.4-7]. The Server might grant a lower Maximum QoS thanthe subscriber requested.The QoS of ApplicationMessages sent in response to a Subscription MUST be the minimum of the QoS ofthe originally published message and the Maximum QoS granted by the Server[MQTT-3.8.4-8]. The server is permitted to sendduplicate copies of a message to a subscriber in the case where the original messagewas published with QoS 1 and the maximum QoS granted was QoS 0.
Non-normative comment
If a subscribing Client has beengranted maximum QoS 1 for a particular Topic Filter, then a QoS 0 ApplicationMessage matching the filter is delivered to the Client at QoS 0. This meansthat at most one copy of the message is received by the Client. On the otherhand, a QoS 2 Message published to the same topic is downgraded by the Serverto QoS 1 for delivery to the Client, so that Client might receive duplicatecopies of the Message.
Non-normative comment
If the subscribing Client has beengranted maximum QoS 0, then an Application Message originally published as QoS2 might get lost on the hop to the Client, but the Server should never send aduplicate of that Message. A QoS 1 Message published to the same topic mighteither get lost or duplicated on its transmission to that Client.
Non-normativecomment
Subscribing to a Topic Filter atQoS 2 is equivalent to saying "I would like to receive Messages matching thisfilter at the QoS with which they were published". This means a publisheris responsible for determining the maximum QoS a Message can be delivered at,but a subscriber is able to require that the Server downgrades the QoS to onemore suitable for its usage.
The Subscription Identifiers are part of the Session Statein the Server and are returned to the Client receiving a matching PUBLISHpacket. They are removed from the Server’s Session State when the Serverreceives an UNSUBSCRIBE packet, when the Server receives a SUBSCRIBE packetfrom the Client for the same Topic Filter but with a different Subscription Identifieror with no Subscription Identifier, or when the Server sends Session Present 0in a CONNACK packet.
The Subscription Identifiers do not form part of the Client’sSession State in the Client. In a useful implementation, a Client willassociate the Subscription Identifiers with other Client side state, this stateis typically removed when the Client unsubscribes, when the Client subscribesfor the same Topic Filter with a different identifier or no identifier, or whenthe Client receives Session Present 0 in a CONNACK packet.
The Server need not use the same set of Subscription Identifiersin the retransmitted PUBLISH packet. The Client can remake a Subscription bysending a SUBSCRIBE packet containing a Topic Filter that is identical to theTopic Filter of an existing Subscription in the current Session. If the Clientremade a subscription after the initial transmission of a PUBLISH packet and useda different Subscription Identifier, then the Server is allowed to use theidentifiers from the first transmission in any retransmission. Alternatively,the Server is allowed to use the new identifiers during a retransmission. The Serveris not allowed to revert to the old identifier after it has sent a PUBLISHpacket containing the new one.
Non-normativecomment
Usage scenarios, for illustration ofSubscription Identifiers.
· The Client implementation indicates via its programming interfacethat a publication matched more than one subscription. The Client implementationgenerates a new identifier each time a subscription is made. If the returnedpublication carries more than one Subscription Identifier, then the publicationmatched more than one subscription.
· The Client implementation allows the subscriber to directmessages to a callback associated with the subscription. The Client implementationgenerates an identifier which uniquely maps the identifier to the callback.When a publication is received it uses the Subscription Identifier to determinewhich callback is driven.
· The Client implementation returns the topic string used to make thesubscription to the application when it delivers the published message. Toachieve this the Client generates an identifier which uniquely identifies the TopicFilter. When a publication is received the Client implementation uses theidentifiers to look up the original Topic Filters and return them to the Clientapplication.
· A gateway forwards publications received from a Server to Clientsthat have made subscriptions to the gateway. The gateway implementation maintainsa map of each unique Topic Filter it receives to the set of ClientID, SubscriptionIdentifier pairs that it also received. It generates a unique identifier for eachTopic Filter that it forwards to the Server. When a publication is received,the gateway uses the Subscription Identifiers it received from the Server tolook up the Client Identifier, Subscription Identifier pairs associated withthem. It adds these to the PUBLISH packets it sends to the Clients. If theupstream Server sent multiple PUBLISH packets because the message matchedmultiple subscriptions, then this behavior is mirrored to the Clients.
A SUBACK packet is sent by the Server to the Client toconfirm receipt and processing of a SUBSCRIBE packet.
A SUBACK packet contains a list of Reason Codes, thatspecify the maximum QoS level that was granted or the error which was found foreach Subscription that was requested by the SUBSCRIBE.
Figure 3‑22- SUBACK Packet Fixed Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control Packet type (9) | Reserved |
| 1 | 0 | 0 | 1 | 0 | 0 | 0 | 0 |
byte 2 | Remaining Length |
Remaining Length field
This is the length of Variable Header plus the length of thePayload, encoded as a Variable Byte Integer.
The Variable Header of the SUBACK Packet contains the followingfields in the order: the Packet Identifier from the SUBSCRIBE Packet that isbeing acknowledged, and Properties.
The length of Properties in the SUBACK packet VariableHeader encoded as a Variable Byte Integer
31 (0x1F) Byte, Identifier of the Reason String.
Followed by the UTF-8 Encoded String representing the reasonassociated with this response. This Reason String is a human readable stringdesigned for diagnostics and SHOULD NOT be parsed by the Client.
The Server uses this value to give additional information tothe Client.The Server MUST NOT send thisProperty if it would increase the size of the SUBACK packet beyond the MaximumPacket Size specified by the Client[MQTT-3.9.2-1].It is a Protocol Error to include the Reason String more than once.
38 (0x26) Byte,Identifier of the User Property.
Followed by UTF-8 String Pair. This property can be used toprovide additional diagnostic or other information.The Server MUST NOT send this property if it would increase the size ofthe SUBACK packet beyond the Maximum Packet Size specified by Client[MQTT-3.9.2-2]. The User Property is allowed to appearmultiple times to represent multiple name, value pairs. The same name isallowed to appear more than once.
Figure 3‑23 SUBACK packet Variable Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | Packet Identifier MSB |
byte 2 | Packet Identifier LSB |
The Payload contains a list of Reason Codes. Each ReasonCode corresponds to a Topic Filter in the SUBSCRIBE packet being acknowledged.The order of Reason Codes in the SUBACK packet MUSTmatch the order of Topic Filters in the SUBSCRIBE packet[MQTT-3.9.3-1].
Table3‑8 - Subscribe Reason Codes
Value | Hex | Reason Code name | Description |
0 | 0x00 | Granted QoS 0 | The subscription is accepted and the maximum QoS sent will be QoS 0. This might be a lower QoS than was requested. |
1 | 0x01 | Granted QoS 1 | The subscription is accepted and the maximum QoS sent will be QoS 1. This might be a lower QoS than was requested. |
2 | 0x02 | Granted QoS 2 | The subscription is accepted and any received QoS will be sent to this subscription. |
128 | 0x80 | Unspecified error | The subscription is not accepted and the Server either does not wish to reveal the reason or none of the other Reason Codes apply. |
131 | 0x83 | Implementation specific error | The SUBSCRIBE is valid but the Server does not accept it. |
135 | 0x87 | Not authorized | The Client is not authorized to make this subscription. |
143 | 0x8F | Topic Filter invalid | The Topic Filter is correctly formed but is not allowed for this Client. |
145 | 0x91 | Packet Identifier in use | The specified Packet Identifier is already in use. |
151 | 0x97 | Quota exceeded | An implementation or administrative imposed limit has been exceeded. |
158 | 0x9E | Shared Subscriptions not supported | The Server does not support Shared Subscriptions for this Client. |
161 | 0xA1 | Subscription Identifiers not supported | The Server does not support Subscription Identifiers; the subscription is not accepted. |
162 | 0xA2 | Wildcard Subscriptions not supported | The Server does not support Wildcard Subscriptions; the subscription is not accepted. |
TheServer sending a SUBACK packet MUST use one of the Subscribe Reason Codes for each Topic Filter received[MQTT-3.9.3-2].
Non-normative comment
There is always one Reason Code foreach Topic Filter in the corresponding SUBSCRIBE packet. If the Reason Code isnot specific to a Topic Filters (such as 0x91 (Packet Identifier in use)) it isset for each Topic Filter.
An UNSUBSCRIBE packet is sent by the Client to the Server,to unsubscribe from topics.
Figure3.28 – UNSUBSCRIBE packet Fixed Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control Packet type (10) | Reserved |
| 1 | 0 | 1 | 0 | 0 | 0 | 1 | 0 |
byte 2 | Remaining Length |
Bits 3,2,1 and 0 of theFixed Header of the UNSUBSCRIBE packet are reserved and MUST be set to 0,0,1and 0 respectively. The Server MUST treat any other value as malformed andclose the Network Connection[MQTT-3.10.1-1].
Remaining Length field
This is the length of Variable Header (2 bytes) plus thelength of the Payload, encoded as a Variable Byte Integer.
The Variable Header of the UNSUBSCRIBE Packet contains thefollowing fields in the order: Packet Identifier, and Properties.Section 2.2.1 provides more information about PacketIdentifiers. The rules for encoding Properties are described insection 2.2.2.
The length of Properties in the UNSUBSCRIBE packet VariableHeader encoded as a Variable Byte Integer.
38 (0x26) Byte, Identifier of the User Property.
Followed by a UTF-8 String Pair.
The User Property is allowed to appear multiple times torepresent multiple name, value pairs. The same name is allowed to appear morethan once.
Non-normative comment
User Properties on the UNSUBSCRIBEpacket can be used to send subscription related properties from the Client tothe Server. The meaning of these properties is not defined by thisspecification.
The Payload for the UNSUBSCRIBE packet contains the list ofTopic Filters that the Client wishes to unsubscribe from.The Topic Filters in an UNSUBSCRIBE packet MUST beUTF-8 Encoded Strings[MQTT-3.10.3-1] asdefined insection 1.5.4, packedcontiguously.
The Payload of anUNSUBSCRIBE packet MUST contain at least one Topic Filter[MQTT-3.10.3-2]. An UNSUBSCRIBE packet with no Payloadis a Protocol Error. Refer tosection 4.13 forinformation about handling errors.
Non-normative example
Figure3.30 shows the Payload for an UNSUBSCRIBE packet with two Topic Filters “a/b”and “c/d”.
Figure 3.30 - Payload byte format non-normative example
| Description | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
Topic Filter |
byte 1 | Length MSB (0) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 2 | Length LSB (3) | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 |
byte 3 | ‘a’ (0x61) | 0 | 1 | 1 | 0 | 0 | 0 | 0 | 1 |
byte 4 | ‘/’ (0x2F) | 0 | 0 | 1 | 0 | 1 | 1 | 1 | 1 |
byte 5 | ‘b’ (0x62) | 0 | 1 | 1 | 0 | 0 | 0 | 1 | 0 |
Topic Filter |
byte 6 | Length MSB (0) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 7 | Length LSB (3) | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 |
byte 8 | ‘c’ (0x63) | 0 | 1 | 1 | 0 | 0 | 0 | 1 | 1 |
byte 9 | ‘/’ (0x2F) | 0 | 0 | 1 | 0 | 1 | 1 | 1 | 1 |
byte 10 | ‘d’ (0x64) | 0 | 1 | 1 | 0 | 0 | 1 | 0 | 0 |
The Topic Filters (whetherthey contain wildcards or not) supplied in an UNSUBSCRIBE packet MUST becompared character-by-character with the current set of Topic Filters held bythe Server for the Client. If any filter matches exactly then its owningSubscription MUST be deleted[MQTT-3.10.4-1],otherwise no additional processing occurs.
When a Server receivesUNSUBSCRIBE:
- It MUST stop adding any new messages which match the Topic Filters, for delivery to the Client[MQTT-3.10.4-2].
- It MUST complete the delivery of any QoS 1 or QoS 2 messages which match the Topic Filters and it has started to send to the Client[MQTT-3.10.4-3].
- It MAY continue to deliver any existing messages buffered for delivery to the Client.
The Server MUST respond toan UNSUBSCRIBE request by sending an UNSUBACK packet[MQTT-3.10.4-4].TheUNSUBACK packet MUST have the same Packet Identifier as the UNSUBSCRIBE packet.Even where no Topic Subscriptions are deleted, the Server MUST respond with anUNSUBACK[MQTT-3.10.4-5].
If a Server receives anUNSUBSCRIBE packet that contains multiple Topic Filters, it MUST process thatpacket as if it had received a sequence of multiple UNSUBSCRIBE packets, exceptthat it sends just one UNSUBACK response[MQTT-3.10.4-6].
If a Topic Filter represents a Shared Subscription, thisSession is detached from the Shared Subscription. If this Session was the onlySession that the Shared Subscription was associated with, the SharedSubscription is deleted. Refer tosection4.8.2 for a description of Shared Subscription handling.
3.11 UNSUBACK – Unsubscribe acknowledgement
The UNSUBACK packet is sent by the Server to the Client toconfirm receipt of an UNSUBSCRIBE packet.
Figure3.31 – UNSUBACK packet Fixed Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control Packet type (11) | Reserved |
| 1 | 0 | 1 | 1 | 0 | 0 | 0 | 0 |
byte 2 | Remaining Length |
Remaining Length field
This is the length of the Variable Header plus the length ofthe Payload, encoded as a Variable Byte Integer.
The Variable Header of the UNSUBACK Packet the followingfields in the order: the Packet Identifier from the UNSUBSCRIBE Packet that isbeing acknowledged, and Properties. The rules for encoding Properties aredescribed insection 2.2.2.
Figure3.32 – UNSUBACK packet Variable Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | Packet Identifier MSB |
byte 2 | Packet Identifier LSB |
The length of the Properties in the UNSUBACK packet VariableHeader encoded as a Variable Byte Integer.
31 (0x1F) Byte, Identifier of the Reason String.
Followed by the UTF-8 Encoded String representing the reasonassociated with this response. This Reason String is a human readable stringdesigned for diagnostics and SHOULD NOT be parsed by the Client.
The Server uses this value to give additional information tothe Client.The Server MUST NOT send thisProperty if it would increase the size of the UNSUBACK packet beyond theMaximum Packet Size specified by the Client[MQTT-3.11.2-1].It is a Protocol Error to include the Reason String more than once.
38 (0x26) Byte,Identifier of the User Property.
Followed by UTF-8 String Pair. This property can be used toprovide additional diagnostic or other information.The Server MUST NOT send this property if it would increase the size ofthe UNSUBACK packet beyond the Maximum Packet Size specified by the Client[MQTT-3.11.2-2]. The User Property is allowed toappear multiple times to represent multiple name, value pairs. The same name isallowed to appear more than once.
The Payload contains a list of Reason Codes. Each ReasonCode corresponds to a Topic Filter in the UNSUBSCRIBE packet beingacknowledged.The order of Reason Codes in theUNSUBACK packet MUST match the order of Topic Filters in the UNSUBSCRIBE packet[MQTT-3.11.3-1].
The values for the one byte unsigned Unsubscribe ReasonCodes are shown below.The Server sending anUNSUBACK packet MUST use one of the Unsubscribe Reason Code values for eachTopic Filter received[MQTT-3.11.3-2].
Table3‑9 - UnsubscribeReason Codes
Value | Hex | Reason Code name | Description |
0 | 0x00 | Success | The subscription is deleted. |
17 | 0x11 | No subscription existed | No matching Topic Filter is being used by the Client. |
128 | 0x80 | Unspecified error | The unsubscribe could not be completed and the Server either does not wish to reveal the reason or none of the other Reason Codes apply. |
131 | 0x83 | Implementation specific error | The UNSUBSCRIBE is valid but the Server does not accept it. |
135 | 0x87 | Not authorized | The Client is not authorized to unsubscribe. |
143 | 0x8F | Topic Filter invalid | The Topic Filter is correctly formed but is not allowed for this Client. |
145 | 0x91 | Packet Identifier in use | The specified Packet Identifier is already in use. |
Non-normative comment
There is always one Reason Code foreach Topic Filter in the corresponding UNSUBSCRIBE packet. If the Reason Codeis not specific to a Topic Filters (such as 0x91 (Packet Identifier in use)) itis set for each Topic Filter.
The PINGREQ packet is sent from a Client to the Server. Itcan be used to:
· Indicate to the Server that the Client is alive in the absence ofany other MQTT Control Packets being sent from the Client to the Server.
· Request that the Server responds to confirm that it is alive.
· Exercise the network to indicate that the Network Connection isactive.
This packet is used in Keep Aliveprocessing. Refer tosection 3.1.2.10 for moredetails.
Figure3.33 – PINGREQ packet Fixed Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control Packet type (12) | Reserved |
| 1 | 1 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 2 | Remaining Length (0) |
| 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
The PINGREQ packet has no Variable Header.
The PINGREQ packet has no Payload.
The Server MUST send aPINGRESP packet in response to a PINGREQ packet[MQTT-3.12.4-1].
A PINGRESP Packet is sent by the Server to the Client inresponse to a PINGREQ packet. It indicates that the Server is alive.
This packet is used in Keep Aliveprocessing. Refer tosection 3.1.2.10 for moredetails.
Figure3.34 – PINGRESP packet Fixed Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control Packet type (13) | Reserved |
| 1 | 1 | 0 | 1 | 0 | 0 | 0 | 0 |
byte 2 | Remaining Length (0) |
| 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
3.13.2 PINGRESP Variable Header
The PINGRESP packet has no Variable Header.
The PINGRESP packet has no Payload.
The Client takes no action on receiving this packet
The DISCONNECT packet is the final MQTT Control Packet sentfrom the Client or the Server. It indicates the reason why the NetworkConnection is being closed. The Client or Server MAY send a DISCONNECT packetbefore closing the Network Connection. If the Network Connection is closed withoutthe Client first sending a DISCONNECT packet with Reason Code 0x00 (Normaldisconnection) and the Connection has a Will Message, the Will Message is published.Refer tosection 3.1.2.5 for further details.
A Server MUST NOT send a DISCONNECTuntil after it has sent a CONNACK with Reason Code of less than 0x80[MQTT-3.14.0-1].
Figure3.35 – DISCONNECT packet Fixed Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control Packet type (14) | Reserved |
| 1 | 1 | 1 | 0 | 0 | 0 | 0 | 0 |
byte 2 | Remaining Length |
The Client or Server MUSTvalidate that reserved bits are set to 0. If they are not zero it sends aDISCONNECT packet with a Reason code of 0x81 (Malformed Packet) as described insection 4.13[MQTT-3.14.1-1].
Remaining Length field
This is the length of the VariableHeader encoded as a Variable Byte Integer.
3.14.2 DISCONNECT Variable Header
The Variable Header of the DISCONNECT Packet contains thefollowing fields in the order: Disconnect Reason Code, and Properties. Therules for encoding Properties are described insection2.2.2.
3.14.2.1 Disconnect Reason Code
Byte 1 in the Variable Header is the Disconnect Reason Code.If the Remaining Length is less than 1 the value of 0x00 (Normal disconnection)is used.
The values for the one byte unsigned Disconnect Reason Codefield are shown below.
Table 3‑10 –Disconnect Reason Code values
Value | Hex | Reason Code name | Sent by | Description |
0 | 0x00 | Normal disconnection | Client or Server | Close the connection normally. Do not send the Will Message. |
4 | 0x04 | Disconnect with Will Message | Client | The Client wishes to disconnect but requires that the Server also publishes its Will Message. |
128 | 0x80 | Unspecified error | Client or Server | The Connection is closed but the sender either does not wish to reveal the reason, or none of the other Reason Codes apply. |
129 | 0x81 | Malformed Packet | Client or Server | The received packet does not conform to this specification. |
130 | 0x82 | Protocol Error | Client or Server | An unexpected or out of order packet was received. |
131 | 0x83 | Implementation specific error | Client or Server | The packet received is valid but cannot be processed by this implementation. |
135 | 0x87 | Not authorized | Server | The request is not authorized. |
137 | 0x89 | Server busy | Server | The Server is busy and cannot continue processing requests from this Client. |
139 | 0x8B | Server shutting down | Server | The Server is shutting down. |
141 | 0x8D | Keep Alive timeout | Server | The Connection is closed because no packet has been received for 1.5 times the Keepalive time. |
142 | 0x8E | Session taken over | Server | Another Connection using the same ClientID has connected causing this Connection to be closed. |
143 | 0x8F | Topic Filter invalid | Server | The Topic Filter is correctly formed, but is not accepted by this Sever. |
144 | 0x90 | Topic Name invalid | Client or Server | The Topic Name is correctly formed, but is not accepted by this Client or Server. |
147 | 0x93 | Receive Maximum exceeded | Client or Server | The Client or Server has received more than Receive Maximum publication for which it has not sent PUBACK or PUBCOMP. |
148 | 0x94 | Topic Alias invalid | Client or Server | The Client or Server has received a PUBLISH packet containing a Topic Alias which is greater than the Maximum Topic Alias it sent in the CONNECT or CONNACK packet. |
149 | 0x95 | Packet too large | Client or Server | The packet size is greater than Maximum Packet Size for this Client or Server. |
150 | 0x96 | Message rate too high | Client or Server | The received data rate is too high. |
151 | 0x97 | Quota exceeded | Client or Server | An implementation or administrative imposed limit has been exceeded. |
152 | 0x98 | Administrative action | Client or Server | The Connection is closed due to an administrative action. |
153 | 0x99 | Payload format invalid | Client or Server | The payload format does not match the one specified by the Payload Format Indicator. |
154 | 0x9A | Retain not supported | Server | The Server has does not support retained messages. |
155 | 0x9B | QoS not supported | Server | The Client specified a QoS greater than the QoS specified in a Maximum QoS in the CONNACK. |
156 | 0x9C | Use another server | Server | The Client should temporarily change its Server. |
157 | 0x9D | Server moved | Server | The Server is moved and the Client should permanently change its server location. |
158 | 0x9E | Shared Subscriptions not supported | Server | The Server does not support Shared Subscriptions. |
159 | 0x9F | Connection rate exceeded | Server | This connection is closed because the connection rate is too high. |
160 | 0xA0 | Maximum connect time | Server | The maximum connection time authorized for this connection has been exceeded. |
161 | 0xA1 | Subscription Identifiers not supported | Server | The Server does not support Subscription Identifiers; the subscription is not accepted. |
162 | 0xA2 | Wildcard Subscriptions not supported | Server | The Server does not support Wildcard Subscriptions; the subscription is not accepted. |
The Client or Server sendingthe DISCONNECT packet MUST use one of the DISCONNECT Reason Code values[MQTT-3.14.2-1].TheReason Code and Property Length can be omitted if the Reason Code is 0x00(Normal disconnecton) and there are no Properties. In this case the DISCONNECThas a Remaining Length of 0.
Non-normative comment
The DISCONNECT packet is used toindicate the reason for a disconnect for cases where there is no acknowledge packet(such as a QoS 0 publish) or when the Client or Server is unable to continueprocessing the Connection.
Non-normative comment
The information can be used by theClient to decide whether to retry the connection, and how long it should waitbefore retrying the connection.
The length of Properties in the DISCONNECT packet VariableHeader encoded as a Variable Byte Integer. If the Remaining Length is less than2, a value of 0 is used.
17 (0x11) Byte, Identifier of the Session ExpiryInterval.
Followed by the Four Byte Integer representing the SessionExpiry Interval in seconds. It is a Protocol Error to include the SessionExpiry Interval more than once.
If the Session Expiry Interval is absent, the Session ExpiryInterval in the CONNECT packet is used.
The Session Expiry IntervalMUST NOT be sent on a DISCONNECT by the Server[MQTT-3.14.2-2].
If the Session Expiry Interval in the CONNECT packet waszero, then it is a Protocol Error to set a non-zero Session Expiry Interval inthe DISCONNECT packet sent by the Client. If such a non-zero Session ExpiryInterval is received by the Server, it does not treat it as a valid DISCONNECTpacket. The Server uses DISCONNECT with Reason Code 0x82 (Protocol Error) asdescribed insection 4.13.
31 (0x1F) Byte,Identifier of the Reason String.
Followed by the UTF-8 Encoded String representing the reasonfor the disconnect. This Reason String is human readable, designed fordiagnostics and SHOULD NOT be parsed by the receiver.
The sender MUST NOT sendthis Property if it would increase the size of the DISCONNECT packet beyond theMaximum Packet Size specified by the receiver[MQTT-3.14.2-3].It is a Protocol Error to include the Reason String more than once.
38 (0x26) Byte,Identifier of the User Property.
Followed by UTF-8 String Pair. This property may be used toprovide additional diagnostic or other information.The sender MUST NOT send this property if it would increase the size ofthe DISCONNECT packet beyond the Maximum Packet Size specified by the receiver[MQTT-3.14.2-4]. The User Property is allowed toappear multiple times to represent multiple name, value pairs. The same name isallowed to appear more than once.
28 (0x1C) Byte, Identifier of the Server Reference.
Followed by a UTF-8 Encoded String which can be used by theClient to identify another Server to use. It is a Protocol Error to include theServer Reference more than once.
The Server sends DISCONNECT including a Server Reference andReason Code 0x9C (Use another server) or 0x9D (Server moved) as described insection 4.13.
Refer tosection 4.11Server Redirection for information about how Server Reference is used.
Figure3‑24DISCONNECT packet Variable Header non-normative example
| Description | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
Disconnect Reason Code |
byte 1 | | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Properties |
byte 2 | Length (5) | 0 | 0 | 0 | 0 | 0 | 1 | 1 | 1 |
byte 3 | Session Expiry Interval identifier (17) | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 1 |
byte 4 | Session Expiry Interval (0) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 5 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 6 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
byte 7 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| | | | | | | | | | | | | | | | |
The DISCONNECT packet has no Payload.
After sending a DISCONNECTpacket the sender:
- MUST NOT send any more MQTT Control Packets on that Network Connection[MQTT-3.14.4-1].
- MUST close the Network Connection[MQTT-3.14.4-2].
On receipt of DISCONNECTwith a Reason Code of 0x00 (Success) the Server:
- MUST discard any Will Message associated with the current Connection without publishing it[MQTT-3.14.4-3], as described insection 3.1.2.5.
On receipt of DISCONNECT, the receiver:
- SHOULD close the Network Connection.
An AUTH packet is sent from Client to Server or Server toClient as part of an extended authentication exchange, such as challenge / responseauthentication. It is a Protocol Error for the Client or Server to send an AUTHpacket if the CONNECT packet did not contain the same Authentication Method.
Figure 3.35 – AUTH packet Fixed Header
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
byte 1 | MQTT Control Packet type (15) | Reserved |
| 1 | 1 | 1 | 1 | 0 | 0 | 0 | 0 |
byte 2 | Remaining Length |
Bits 3,2,1 and 0 of theFixed Header of the AUTH packet are reserved and MUST all be set to 0. TheClient or Server MUST treat any other value as malformed and close the NetworkConnection[MQTT-3.15.1-1].
Remaining Length field
This is the length of the VariableHeader encoded as a Variable Byte Integer.
The Variable Header of the AUTH Packet contains thefollowing fields in the order: Authenticate Reason Code, and Properties. Therules for encoding Properties are described insection2.2.2.
Byte 0 in the Variable Header is the Authenticate ReasonCode. The values for the one byte unsigned Authenticate Reason Code field are shownbelow.The sender of the AUTH Packet MUST useone of the Authenticate Reason Codes[MQTT-3.15.2-1].
Table3‑11 Authenticate Reason Codes
Value | Hex | Reason Code name | Sent by | Description |
0 | 0x00 | Success | Server | Authentication is successful |
24 | 0x18 | Continue authentication | Client or Server | Continue the authentication with another step |
25 | 0x19 | Re-authenticate | Client | Initiate a re-authentication |
The Reason Code and Property Length can be omitted if theReason Code is 0x00 (Success) and there are no Properties. In this case theAUTH has a Remaining Length of 0.
The length of Properties in the AUTH packet Variable Headerencoded as a Variable Byte Integer.
21 (0x15) Byte, Identifier of the AuthenticationMethod.
Followed by a UTF-8 Encoded String containing the name ofthe authentication method. It is a Protocol Error to omit the AuthenticationMethod or to include it more than once. Refer tosection 4.12 for more information about extendedauthentication.
22 (0x16) Byte, Identifier of the AuthenticationData.
Followed by Binary Data containing authentication data. Itis a Protocol Error to include Authentication Data more than once. The contentsof this data are defined by the authentication method. Refer tosection 4.12 for more information aboutextended authentication.
31 (0x1F) Byte,Identifier of the Reason String.
Followed by the UTF-8 Encoded String representing the reasonfor the disconnect. This Reason String is human readable, designed fordiagnostics and SHOULD NOT be parsed by the receiver.
The sender MUST NOT sendthis property if it would increase the size of the AUTH packet beyond theMaximum Packet Size specified by the receiver[MQTT-3.15.2-2].It is a Protocol Error to include the Reason String more than once.
38 (0x26) Byte,Identifier of the User Property.
Followed by UTF-8 String Pair. This property may be used toprovide additional diagnostic or other information.The sender MUST NOT send this property if it would increase the size ofthe AUTH packet beyond the Maximum Packet Size specified by the receiver[MQTT-3.15.2-3]. The User Property is allowed toappear multiple times to represent multiple name, value pairs. The same name isallowed to appear more than once.
The AUTH packet has no Payload.
Refer tosection 4.12for more information about extended authentication.
4.1 Session State
In order to implement QoS 1 and QoS 2 protocol flows theClient and Server need to associate state with the Client Identifier, this isreferred to as the Session State. The Server also stores the subscriptions aspart of the Session State.
The session can continue across a sequence of NetworkConnections. It lasts as long as the latest Network Connection plus the SessionExpiry Interval.
The Session State in the Client consists of:
· QoS 1 and QoS 2 messages which have been sent to the Server, buthave not been completely acknowledged.
· QoS 2 messages which have been received from the Server, but havenot been completely acknowledged.
The Session State in the Server consists of:
· The existence of a Session, even if the rest of the Session Stateis empty.
· The Clients subscriptions, including any SubscriptionIdentifiers.
· QoS 1 and QoS 2 messages which have been sent to the Client, buthave not been completely acknowledged.
· QoS 1 and QoS 2 messages pending transmission to the Client andOPTIONALLY QoS 0 messages pending transmission to the Client.
· QoS 2 messages which have been received from the Client, but havenot been completely acknowledged.The Will Message and the Will Delay Interval
· If the Session is currently not connected, the time at which the Sessionwill end and Session State will be discarded.
Retained messages do not form part of the Session State inthe Server, they are not deleted as a result of a Session ending.
4.1.1 Storing Session State
The Client and Server MUST NOTdiscard the Session State while the Network Connection is open[MQTT-4.1.0-1].TheServer MUST discard the Session State when the Network Connection is closed andthe Session Expiry Interval has passed[MQTT-4.1.0-2].
Non-normativecomment
The storage capabilities of Clientand Server implementations will of course have limits in terms of capacity andmay be subject to administrative policies. Stored Session State can bediscarded as a result of an administrator action, including an automatedresponse to defined conditions. This has the effect of terminating the Session.These actions might be prompted by resource constraints or for otheroperational reasons. It is possible that hardware or software failures mayresult in loss or corruption of Session State stored by the Client or Server. Itis prudent to evaluate the storage capabilities of the Client and Server toensure that they are sufficient.
4.1.2 Session State non-normativeexamples
For example, an electricity meter reading solution might useQoS 1 messages to protect the readings against loss over the network. Thesolution developer might have determined that the power supply is sufficientlyreliable that, in this case, the data in the Client and Server can be stored involatile memory without too much risk of its loss.
Conversely a parking meter payment application providermight decide that the payment messages should never be lost due to a network orClient failure. Thus, they require that all data be written to non-volatilememory before it is transmitted across the network.
4.2 Network Connections
The MQTT protocol requires an underlying transport thatprovides an ordered, lossless, stream of bytes from the Client to Server andServer to Client. This specification does not require the support of anyspecific transport protocol. A Client or Server MAY support any of thetransport protocols listed here, or any other transport protocol that meets therequirements of thissection.
A Client or Server MUSTsupport the use of one or more underlying transport protocols that provide anordered, lossless, stream of bytes from the Client to Server and Server toClient[MQTT-4.2-1].
Non-normativecomment
TCP/IP as defined in[RFC0793]can be used for MQTT v5.0. The following transportprotocols are also suitable:
· TLS[RFC5246]
· WebSocket[RFC6455]
Non-normative comment
TCP ports 8883 and 1883 areregistered with IANA for MQTT TLS and non-TLS communication respectively.
Non-normative comment
Connectionless network transportssuch asUser Datagram Protocol (UDP) are notsuitable on their own because they might lose or reorder data.
4.3 Quality of Service levels and protocol flows
MQTT delivers Application Messages according to the Qualityof Service (QoS) levels defined in the following sections. The deliveryprotocol is symmetric, in the description below the Client and Server can eachtake the role of either sender or receiver. The delivery protocol is concernedsolely with the delivery of an application message from a single sender to asingle receiver. When the Server is delivering an Application Message to morethan one Client, each Client is treated independently. The QoS level used todeliver an Application Message outbound to the Client could differ from that ofthe inbound Application Message.
The message is delivered according to the capabilities ofthe underlying network. No response is sent by the receiver and no retry isperformed by the sender. The message arrives at the receiver either once or notat all.
Inthe QoS 0 delivery protocol, the sender
· MUST send a PUBLISH packet withQoS 0 and DUP flag set to 0[MQTT-4.3.1-1].
In the QoS 0 delivery protocol, the receiver
· Accepts ownership of the message when it receives the PUBLISHpacket.
Figure 4.1 – QoS 0 protocol flow diagram, non-normativeexample
Sender Action | Control Packet | Receiver Action |
PUBLISH QoS 0, DUP=0 | | |
| ----------> | |
| | Deliver Application Message to appropriate onward recipient(s) |
4.3.2 QoS 1: At least oncedelivery
This Quality of Service level ensuresthat the message arrives at the receiver at least once. A QoS 1 PUBLISH packethas a Packet Identifier in its Variable Header and is acknowledged by a PUBACK packet.Section 2.2.1 provides more information about PacketIdentifiers.
Inthe QoS 1 delivery protocol, the sender
· MUST assign an unused PacketIdentifier each time it has a new Application Message to publish[MQTT-4.3.2-1].
· MUST send a PUBLISH packetcontaining this Packet Identifier with QoS 1 and DUP flag set to 0[MQTT-4.3.2-2].
· MUST treat the PUBLISH packet as“unacknowledged” until it has received the corresponding PUBACK packet from thereceiver. Refer tosection 4.4for a discussion of unacknowledged messages[MQTT-4.3.2-3].
The Packet Identifier becomesavailable for reuse once the sender has received the PUBACK packet.
Note that a sender is permitted tosend further PUBLISH packets with different Packet Identifiers while it iswaiting to receive acknowledgements.
Inthe QoS 1 delivery protocol, the receiver
- MUST respond with a PUBACK packet containing the Packet Identifier from the incoming PUBLISH packet, having accepted ownership of the Application Message[MQTT-4.3.2-4].
- After it has sent a PUBACK packet the receiver MUST treat any incoming PUBLISH packet that contains the same Packet Identifier as being a new Application Message, irrespective of the setting of its DUP flag[MQTT-4.3.2-5].
Figure 4.2 – QoS 1 protocol flow diagram, non-normativeexample
Sender Action | MQTT Control Packet | Receiver action |
Store message | | |
Send PUBLISH QoS 1, DUP=0, <Packet Identifier> | ----------> | |
| | Initiate onward delivery of the Application Message1 |
| <---------- | Send PUBACK <Packet Identifier> |
Discard message | | |
1The receiver does notneed to complete delivery of the Application Message before sending the PUBACK.When its original sender receives the PUBACK packet, ownership of the ApplicationMessage is transferred to the receiver.
4.3.3QoS 2: Exactly once delivery
This is the highest Quality of Service level, for use whenneither loss nor duplication of messages are acceptable. There is an increasedoverhead associated with QoS 2.
A QoS 2 message has a Packet Identifier in its VariableHeader.Section 2.2.1 provides more informationabout Packet Identifiers. The receiver of a QoS 2 PUBLISH packet acknowledgesreceipt with a two-step acknowledgement process.
Inthe QoS 2 delivery protocol, the sender:
- MUST assign an unused Packet Identifier when it has a new Application Message to publish [MQTT-4.3.3-1].
- MUST send a PUBLISH packet containing this Packet Identifier with QoS 2 and DUP flag set to 0[MQTT-4.3.3-2].
- MUST treat the PUBLISH packet as “unacknowledged” until it has received the corresponding PUBREC packet from the receiver[MQTT-4.3.3-3]. Refer tosection 4.4 for a discussion of unacknowledged messages.
- MUST send a PUBREL packet when it receives a PUBREC packet from the receiver with a Reason Code value less than 0x80. This PUBREL packet MUST contain the same Packet Identifier as the original PUBLISH packet[MQTT-4.3.3-4].
- MUST treat the PUBREL packet as “unacknowledged” until it has received the corresponding PUBCOMP packet from the receiver[MQTT-4.3.3-5].
- MUST NOT re-send the PUBLISH once it has sent the corresponding PUBREL packet[MQTT-4.3.3-6].
- MUST NOT apply Message expiry if a PUBLISH packet has been sent[MQTT-4.3.3-7].
The Packet Identifier becomesavailable for reuse once the sender has received the PUBCOMP packet or a PUBRECwith a Reason Code of 0x80 or greater.
Note that a sender is permittedto send further PUBLISH packets with different Packet Identifiers while it iswaiting to receive acknowledgements, subject to flow control as described insection 4.9.
Inthe QoS 2 delivery protocol, the receiver:
- MUST respond with a PUBREC containing the Packet Identifier from the incoming PUBLISH packet, having accepted ownership of the Application Message[MQTT-4.3.3-8].
- If it has sent a PUBREC with a Reason Code of 0x80 or greater, the receiver MUST treat any subsequent PUBLISH packet that contains that Packet Identifier as being a new Application Message[MQTT-4.3.3-9].
- Until it has received the corresponding PUBREL packet, the receiver MUST acknowledge any subsequent PUBLISH packet with the same Packet Identifier by sending a PUBREC. It MUST NOT cause duplicate messages to be delivered to any onward recipients in this case[MQTT-4.3.3-10].
- MUST respond to a PUBREL packet by sending a PUBCOMP packet containing the same Packet Identifier as the PUBREL[MQTT-4.3.3-11].
- After it has sent a PUBCOMP, the receiver MUST treat any subsequent PUBLISH packet that contains that Packet Identifier as being a new Application Message[MQTT-4.3.3-12].
- MUST continue the QoS 2 acknowledgement sequence even if it has applied message expiry[MQTT-4.3.3-13].
4.4 Message delivery retry
When a Client reconnectswith Clean Start set to 0 and a session is present, both the Client and ServerMUST resend any unacknowledged PUBLISH packets (where QoS > 0) and PUBRELpackets using their original Packet Identifiers.This is the only circumstance where a Client or Serveris REQUIRED to resend messages. Clients and Servers MUST NOT resend messages atany other time[MQTT-4.4.0-1].
If PUBACK or PUBREC isreceived containing a Reason Code of 0x80 or greater the corresponding PUBLISHpacket is treated as acknowledged, and MUST NOT be retransmitted[MQTT-4.4.0-2].
Figure 4.3 – QoS 2 protocol flowdiagram, non-normative example
Sender Action | MQTT Control Packet | Receiver Action |
Store message | | |
PUBLISH QoS 2, DUP=0
<Packet Identifier> | | |
| ----------> | |
| | Store <Packet Identifier> then Initiate onward delivery of the Application Message1 |
| | PUBREC <Packet Identifier><Reason Code> |
| <---------- | |
Discard message, Store PUBREC received <Packet Identifier> | | |
PUBREL <Packet Identifier> | | |
| ----------> | |
| | Discard <Packet Identifier> |
| | Send PUBCOMP <Packet Identifier> |
| <---------- | |
Discard stored state | | |
1The receiver does notneed to complete delivery of the Application Message before sending the PUBRECor PUBCOMP. When its original sender receives the PUBREC packet, ownership ofthe Application Message is transferred to the receiver. However, the receiverneeds to perform all checks for conditions which might result in a forwardingfailure (e.g. quota exceeded, authorization, etc.) before accepting ownership.The receiver indicates success or failure using the appropriate Reason Code inthe PUBREC.
When a Server takesownership of an incoming Application Message it MUST add it to the SessionState for those Clients that have matching Subscriptions[MQTT-4.5.0-1]. Matching rules are defined insection 4.7.
Under normal circumstances Clients receive messages inresponse to Subscriptions they have created. A Client could also receivemessages that do not match any of its explicit Subscriptions. This can happenif the Server automatically assigned a subscription to the Client. A Clientcould also receive messages while an UNSUBSCRIBE operation is in progress.The Client MUST acknowledge any Publish packet itreceives according to the applicable QoS rules regardless of whether it electsto process the Application Message that it contains[MQTT-4.5.0-2].
The following these rules apply to the Client whenimplementing the protocol flows defined insection4.3.
- When the Client re-sends any PUBLISH packets, it MUST re-send them in the order in which the original PUBLISH packets were sent (this applies to QoS 1 and QoS 2 messages)[MQTT-4.6.0-1]
- The Client MUST send PUBACK packets in the order in which the corresponding PUBLISH packets were received (QoS 1 messages)[MQTT-4.6.0-2]
- The Client MUST send PUBREC packets in the order in which the corresponding PUBLISH packets were received (QoS 2 messages)[MQTT-4.6.0-3]
- The Client MUST send PUBREL packets in the order in which the corresponding PUBREC packets were received (QoS 2 messages)[MQTT-4.6.0-4]
An Ordered Topic is a Topic where the Client can be certainthat the Application Messages in that Topic from the same Client and at thesame QoS are received are in the order they were published.When a Server processes a message that has beenpublished to an Ordered Topic, it MUST send PUBLISH packets to consumers (forthe same Topic and QoS) in the order that they were received from any givenClient[MQTT-4.6.0-5]. This is additionto the rules listed above.
By default, a Server MUST treatevery Topic as an Ordered Topic when it is forwarding messages on Non‑sharedSubscriptions. [MQTT-4.6.0-6]. A Server MAYprovide an administrative or other mechanism to allow one or more Topics to notbe treated as an Ordered Topic.
Non-normativecomment
The rules listed above ensure thatwhen a stream of messages is published and subscribed to an Ordered Topic withQoS 1, the final copy of each message received by the subscribers will be inthe order that they were published. If the message is re-sent the duplicatemessage can be received after one of the earlier messages is received. Forexample, a publisher might send messages in the order 1,2,3,4 but thesubscriber might receive them in the order 1,2,3,2,3,4 if there is a networkdisconnection after message 3 has been sent.
If bothClient and Server set Receive Maximum to 1, they make sure that no more thanone message is “in-flight” at any one time. In this case no QoS 1 message willbe received after any later one even on re-connection. For example a subscribermight receive them in the order 1,2,3,3,4 but not 1,2,3,2,3,4.Refer tosection 4.9 Flow Control for details of how theReceive Maximum is used.
4.7 Topic Names and Topic Filters
4.7.1 Topic wildcards
The topic level separator is used to introduce structureinto the Topic Name. If present, it divides the Topic Name into multiple “topiclevels”.
A subscription’s Topic Filter can contain special wildcardcharacters, which allow a Client to subscribe to multiple topics at once.
The wildcard characters canbe used in Topic Filters, but MUST NOT be used within a Topic Name[MQTT-4.7.0-1].
The forward slash (‘/’ U+002F) is used to separate eachlevel within a topic tree and provide a hierarchical structure to the TopicNames. The use of the topic level separator is significant when either of thetwo wildcard characters is encountered in Topic Filters specified bysubscribing Clients. Topic level separators can appear anywhere in a TopicFilter or Topic Name. Adjacent Topic level separators indicate a zero-lengthtopic level.
The number sign (‘#’ U+0023) is a wildcard character thatmatches any number of levels within a topic. The multi-level wildcardrepresents the parent and any number of child levels.The multi-level wildcard character MUST be specified either on its ownor following a topic level separator. In either case it MUST be the lastcharacter specified in the Topic Filter[MQTT-4.7.1-1].
Non-normativecomment
For example, if a Client subscribesto “sport/tennis/player1/#”, it would receive messages published using these TopicNames:
· “sport/tennis/player1”
· “sport/tennis/player1/ranking
· “sport/tennis/player1/score/wimbledon”
Non-normativecomment
· “sport/#” also matches the singular “sport”, since # includes theparent level.
· “#” is valid and will receive every Application Message
· “sport/tennis/#” is valid
· “sport/tennis#” is not valid
· “sport/tennis/#/ranking” is not valid
The plus sign (‘+’ U+002B) is a wildcard character thatmatches only one topic level.
The single-level wildcardcan be used at any level in the Topic Filter, including first and last levels.Where it is used, it MUST occupy an entire level of the filter[MQTT-4.7.1-2]. It can be used at more than one levelin the Topic Filter and can be used in conjunction with the multi-levelwildcard.
Non-normativecomment
For example, “sport/tennis/+”matches “sport/tennis/player1” and “sport/tennis/player2”, but not“sport/tennis/player1/ranking”. Also, because the single-level wildcard matchesonly a single level, “sport/+” does not match “sport” but it does match“sport/”.
· “+” is valid
· “+/tennis/#” is valid
· “sport+” is not valid
· “sport/+/player1” is valid
· “/finance” matches “+/+” and “/+”, but not “+”
The Server MUST NOT matchTopic Filters starting with a wildcard character (# or +) with Topic Namesbeginning with a $ character[MQTT-4.7.2-1].The Server SHOULD prevent Clients from using such Topic Names to exchangemessages with other Clients. Server implementations MAY use Topic Names thatstart with a leading $ character for other purposes.
Non-normativecomment
· $SYS/ has been widely adopted as a prefix to topics that containServer-specific information or control APIs
· Applications cannot use a topic with a leading $ character fortheir own purposes
Non-normativecomment
· A subscription to “#” will not receive any messages published toa topic beginning with a $
· A subscription to “+/monitor/Clients” will not receive anymessages published to “$SYS/monitor/Clients”
· A subscription to “$SYS/#” will receive messages published totopics beginning with “$SYS/”
· A subscription to “$SYS/monitor/+” will receive messagespublished to “$SYS/monitor/Clients”
· For a Client to receive messages from topics that begin with$SYS/ and from topics that don’t begin with a $, it has to subscribe to both “#”and “$SYS/#”
The following rules apply to Topic Names and Topic Filters:
· All Topic Names and Topic FiltersMUST be at least one character long[MQTT-4.7.3-1]
· Topic Names and Topic Filters are case sensitive
· Topic Names and Topic Filters can include the space character
· A leading or trailing ‘/’ creates a distinct Topic Name or TopicFilter
· A Topic Name or Topic Filter consisting only of the ‘/’ characteris valid
· Topic Names and Topic FiltersMUST NOT include the null character (Unicode U+0000)[Unicode][MQTT-4.7.3-2]
· Topic Names and Topic Filters areUTF-8 Encoded Strings; they MUST NOT encode to more than 65,535 bytes[MQTT-4.7.3-3]. Refer tosection 1.5.4.
There is no limit to the number of levels in a Topic Name orTopic Filter, other than that imposed by the overall length of a UTF-8 EncodedString.
When it performssubscription matching the Server MUST NOT perform any normalization of TopicNames or Topic Filters, or any modification or substitution of unrecognizedcharacters[MQTT-4.7.3-4]. Eachnon-wildcarded level in the Topic Filter has to match the corresponding levelin the Topic Name character for character for the match to succeed.
Non-normativecomment
The UTF-8 encoding rules mean thatthe comparison of Topic Filter and Topic Name could be performed either bycomparing the encoded UTF-8 bytes, or by comparing decoded Unicode characters
Non-normativecomment
· “ACCOUNTS” and “Accounts” are two different Topic Names
· “Accounts payable” is a valid Topic Name
· “/finance” is different from “finance”
An Application Message is sent to each Client Subscriptionwhose Topic Filter matches the Topic Name attached to an Application Message.The topic resource MAY be either predefined in the Server by an administratoror it MAY be dynamically created by the Server when it receives the firstsubscription or an Application Message with that Topic Name. The Server MAYalso use a security component to authorize particular actions on the topicresource for a given Client.
4.8 Subscriptions
MQTT provides two kinds of Subscription, Shared and Non‑shared.
Non-normative comment
In earlier versions of MQTT allSubscriptions are Non‑shared.
A Non‑shared Subscription is associated only with theMQTT Session that created it. Each Subscription includes a Topic Filter,indicating the topic(s) for which messages are to be delivered on that Session,and Subscription Options. The Server is responsible for collecting messagesthat match the filter and transmitting them on the Session's MQTT connection ifand when that connection is active.
A Session cannot have more than one Non‑sharedSubscription with the same Topic Filter, so the Topic Filter can be used as a keyto identify the subscription within that Session.
If there are multiple Clients, each with its own Non‑sharedSubscription to the same Topic, each Client gets its own copy of theApplication Messages that are published on that Topic. This means that the Non‑sharedSubscriptions cannot be used to load-balance Application Messages acrossmultiple consuming Clients as in such cases every message is delivered to everysubscribing Client.
4.8.2 Shared Subscriptions
A Shared Subscription can be associated with multiplesubscribing MQTT Sessions. Like a Non‑shared Subscription, it has a TopicFilter and Subscription Options; however, a publication that matches its TopicFilter is only sent to one of its subscribing Sessions. Shared Subscriptionsare useful where several consuming Clients share the processing of thepublications in parallel.
A Shared Subscription is identified using a special style ofTopic Filter. The format of this filter is:
$share/{ShareName}/{filter}
· $share is a literal string that marks the Topic Filter as beinga Shared Subscription Topic Filter.
· {ShareName} is a character string that does not include"/", "+" or "#"
· {filter} The remainder of the string has the same syntax andsemantics as a Topic Filter in a non-shared subscription. Refer tosection 4.7.
·
A Shared Subscription'sTopic Filter MUST start with $share/ and MUST contain a ShareName that is atleast one character long[MQTT-4.8.2-1].The ShareName MUST NOT contain the characters"/", "+" or "#", but MUST be followed by a"/" character. This "/" character MUST be followed by aTopic Filter[MQTT-4.8.2-2] as describedinsection 4.7.
Non-normativecomment
Shared Subscriptions are defined atthe scope of the MQTT Server, rather than of a Session. A ShareName is includedin the Shared Subscription's Topic Filter so that there can be more than oneShared Subscription on a Server that has the same {filter} component. Typically,applications use the ShareName to represent the group of subscribing Sessionsthat are sharing the subscription.
Examples:
· Shared subscriptions "$share/consumer1/sport/tennis/+"and "$share/consumer2/sport/tennis/+" are distinct sharedsubscriptions and so can be associated with different groups of Sessions. Bothof them match the same topics as a non-shared subscription to sport/tennis/+ .
If a message wereto be published that matches sport/tennis/+ then a copy would be sent toexactly one of the Sessions subscribed to $share/consumer1/sport/tennis/+ , aseparate copy of the message would be sent to exactly one of the Sessionssubscribed to $share/consumer2/sport/tennis/+ and further copies would be sentto any Clients with non-shared subscriptions to sport/tennis/+
· Shared subscription "$share/consumer1//finance" matchesthe same topics as a non-shared subscription to /finance.
Note that "$share/consumer1//finance" and "$share/consumer1/sport/tennis/+"are distinct shared subscriptions, even though they have the same ShareName.While they might be related in some way, no specific relationship between themis implied by them having the same ShareName.
A Shared Subscription is created by using a SharedSubscription Topic Filter in a SUBSCRIBE request. So long as only one Sessionsubscribes to a particular Shared Subscription, the shared subscription behaveslike a non-shared subscription, except that:
· The $share and {ShareName} portions of the Topic Filter are nottaken into account when matching against publications.
· No Retained Messages are sent to the Session when it firstsubscribes. It will be sent other matching messages as they are published.
Once a Shared Subscription exists, it is possible for otherSessions to subscribe with the same Shared Subscription Topic Filter. The new Sessionis associated with the Shared Subscription as an additional subscriber.Retained messages are not sent to this new subscriber. Each subsequentApplication Message that matches the Shared Subscription is now sent to one andonly one of the Sessions that are subscribed to the Shared Subscription.
A Session can explicitly detach itself from a SharedSubscription by sending an UNSUBSCRIBE Packet that contains the full SharedSubscription Topic Filter. Sessions are also detached from the Shared Subscriptionwhen they terminate.
A Shared Subscription lasts for as long as it is associatedwith at least one Session (i.e. a Session that has issued a successfulSUBSCRIBE request to its Topic Filter and that has not completed acorresponding UNSUBSCRIBE). A Shared Subscription survives when the Sessionthat originally created it unsubscribes, unless there are no other Sessionsleft when this happens. A Shared Subscription ends, and any undeliveredmessages associated with it are deleted, when there are no longer any Sessionssubscribed to it.
Notes on Shared Subscriptions
· If there's more than one Session subscribed to the SharedSubscription, the Server implementation is free to choose, on a message bymessage basis, which Session to use and what criteria it uses to make thisselection.
· Different subscribing Clients are permitted to ask for differentRequested QoS levels in their SUBSCRIBE packets. The Server decides whichMaximum QoS to grant to each Client, and it is permitted to grant differentMaximum QoS levels to different subscribers. When sending an ApplicationMessage to a Client,the Server MUST respectthe granted QoS for the Client's subscription[MQTT-4.8.2-3],in the same that it does when sending a message to a ‑Subscriber.
· If the Server is in the process of sending a QoS 2 message to itschosen subscribing Client and the connection to the Client breaks beforedelivery is complete, the Server MUST completethe delivery of the message to that Client when it reconnects[MQTT-4.8.2-4]as described insection 4.3.3.Ifthe Client's Session terminates before the Client reconnects, the Server MUSTNOT send the Application Message to any other subscribed Client[MQTT-4.8.2-5].
· If the Server is in the process of sending a QoS 1 message to itschosen subscribing Client and the connection to that Client breaks before the Serverhas received an acknowledgement from the Client, the Server MAY wait for theClient to reconnect and retransmit the message to that Client. If the Client'sSessionterminates before the Client reconnects, the Server SHOULD send the ApplicationMessage to another Client that is subscribed to the same Shared Subscription.It MAY attempt to send the message to another Client as soon as it loses itsconnection to the first Client.
· If a Client responds with a PUBACKor PUBREC containing a Reason Code of 0x80 or greater to a PUBLISH packet fromthe Server, the Server MUST discard the Application Message and not attempt tosend it to any other Subscriber[MQTT-4.8.2-6].
· A Client is permitted to submit a second SUBSCRIBE request to aShared Subscription on a Session that's already subscribed to that SharedSubscription. For example, it might do this to change the Requested QoS for itssubscription or because it was uncertain that the previous subscribe completedbefore the previous connection was closed. This does not increase the number oftimes that the Session is associated with the Shared Subscription, so the Sessionwill leave the Shared Subscription on its first UNSUBSCRIBE.
· Each Shared Subscription is independent from any other. It is possibleto have two Shared Subscriptions with overlapping filters. In such cases amessage that matches both Shared Subscriptions will be processed separately byboth of them. If a Client has a Shared Subscription and a Non‑shared Subscriptionand a message matches both of them, the Client will receive a copy of themessage by virtue of it having the Non‑shared Subscription. A second copyof the message will be delivered to one of the subscribers to the SharedSubscription, and this could result in a second copy being sent to this Client.
4.9 Flow Control
Clients and Servers control thenumber of unacknowledged PUBLISH packets they receive by using a ReceiveMaximum value as described insection3.1.2.11.4 andsection 3.2.2.3.2. The ReceiveMaximum establishes a send quota which is used to limit the number of PUBLISHQOS > 0 packets which can be sent without receiving an PUBACK (for QoS 1) orPUBCOMP (for QoS 2). The PUBACK and PUBCOMP replenish the quota in the mannerdescribed below.
The Client or Server MUSTset its initial send quota to a non-zero value not exceeding the ReceiveMaximum[MQTT-4.9.0-1].
Each time the Client orServer sends a PUBLISH packet at QoS > 0, it decrements the send quota. Ifthe send quota reaches zero, the Client or Server MUST NOT send any morePUBLISH packets with QoS > 0[MQTT-4.9.0-2].It MAY continue to send PUBLISH packets with QoS 0, or it MAY choose to suspendsending these as well.The Client and ServerMUST continue to process and respond to all other MQTT Control Packets even ifthe quota is zero[MQTT-4.9.0-3].
The send quota is incremented by 1:
· Each time a PUBACK or PUBCOMP packet is received, regardless ofwhether the PUBACK or PUBCOMP carried an error code.
· Each time a PUBREC packet is received with a Return Code of 0x80or greater.
The send quota is not incremented if it is already equal tothe initial send quota. The attempt to increment above the initial send quotamight be caused by the re-transmission of a PUBREL packet after a new NetworkConnection is established.
Refer tosection 3.3.4 for adescription of how Clients and Servers react if they are sent more PUBLISHpackets than the Receive Maximum allows.
The send quota and Receive Maximum value are not preservedacross Network Connections, and are re-initialized with each new NetworkConnection as described above. They are not part of the session state.
4.10 Request / Response
Some applications or standardsmight wish to run a Request/Response interaction over MQTT. This version ofMQTT includes three properties that can be used for this purpose:
· Response Topic, described insection3.3.2.3.5
· Correlation Data, described insection3.3.2.3.6
· Request Response Information, described insection 3.1.2.11.7
· Response Information, described insection 3.2.2.3.14
The following non-normative sections describe how theseproperties can be used.
A Client sends a Request Message by publishing anApplication Message which has a Response Topic set as described insection 3.3.2.3.5. The Request can include aCorrelation Data property as described insection3.3.2.3.6.
Request/Response interaction proceeds as follows:
1. An MQTTClient (the Requester) publishes a Request Message to a topic. A RequestMessage is an Application Message with a Response Topic.
2. AnotherMQTT Client (the Responder) has subscribed to a Topic Filter which matches theTopic Name used when the Request Message was published. As a result, it receivesthe Request Message. There could be multiple Responders subscribed to thisTopic Name or there could be none.
3. TheResponder takes the appropriate action based on the Request Message, and thenpublishes a Response Message to the Topic Name in the Response Topic propertythat was carried in the Request Message.
4. In typicalusage the Requester has subscribed to the Response Topic and thereby receivesthe Response Message. However, some other Client might be subscribed to theResponse Topic in which case the Response Message will also be received andprocessed by that Client. As with the Request Message, the topic on which theResponse Message is sent could be subscribed to by multiple Clients, or bynone.
If the Request Message contains a Correlation Data property,the Responder copies this property into the Response Message and this is usedby the receiver of the Response Message to associate the Response Message withthe original request. The Response Message does not include a Response Topicproperty.
The MQTT Server forwards the Response Topic and CorrelationData Property in the Request Message and the Correlation Data in the ResponseMessage. The Server treats the Request Message and the Response Message likeany other Application Message.
The Requester normally subscribes to the Response Topicbefore publishing a Request Message. If there are no subscribers to theResponse Topic when the Response Message is sent, the Response Message will notbe delivered to any Client.
The Request Message and Response Message can be of any QoS,and the Responder can be using a Session with a non-zero Session ExpiryInterval. It is common to send Request Messages at QoS 0 and only when theResponder is expected to be connected. However, this is not necessary.
The Responder can use a Shared Subscription to allow for apool of responding Clients. Note however that when using Shared Subscriptionsthat the order of message delivery is not guaranteed between multiple Clients.
It is the responsibility of the Requester to make sure ithas the necessary authority to publish to the request topic, and to subscribeto the Topic Name that it sets in the Response Topic property. It is theresponsibility of the Responder to make sure it has the authority to subscribeto the request topic and publish to the Response Topic. While topicauthorization is outside of this specification, it is recommended that Serversimplement such authorization.
Requesters can determine a Topic Name to use as theirResponse Topic in any manner they choose including via local configuration. Toavoid clashes between different Requesters, it is desirable that the ResponseTopic used by a Requester Client be unique to that Client. As the Requester andResponder commonly need to be authorized to these topics, it can be anauthorization challenge to use a random Topic Name.
To help with this problem, this specification defines aproperty in the CONNACK packet called Response Information. The Server can usethis property to guide the Client in its choice for the Response Topic to use.This mechanism is optional for both the Client and the Server. At connect time,the Client requests that the Server send a Response Information by setting theRequest Response Information property in the CONNECT packet. This causes theServer to insert a Response Information property (a UTF-8 Encoded String) sentin the CONNACK packet.
This specification does not define the contents of theResponse Information but it could be used to pass a globally unique portion ofthe topic tree which is reserved for that Client for at least the lifetime ofits Session. Using this mechanism allows this configuration to be done once inthe Server rather than in each Client.
Refer tosection 3.1.2.11.7 for the definition of theResponse Information.
4.11 Server redirection
A Server can request that the Client uses another Server bysending CONNACK or DISCONNECT with Reason Codes 0x9C (Use another server), or0x9D (Server moved) as described insection 4.13.When sending one of these Reason Codes, the Server MAY also include a ServerReference property to indicate the location of the Server or Servers the ClientSHOULD use.
The Reason Code 0x9C (Use another server) specifies that theClient SHOULD temporarily switch to using another Server. The other Server iseither already known to the Client, or is specified using a Server Reference.
The Reason Code 0x9D (Server moved) specifies that theClient SHOULD permanently switch to using another Server. The other Server iseither already known to the Client, or is specified using a Server Reference.
The Server Reference is a UTF-8 Encoded String. The value ofthis string is a space separated list of references. The format of referencesis not specified here.
Non-normativecomment
It is recommended that eachreference consists of a name optionally followed by a colon and a port number.If the name contains a colon the name string can be enclosed within squarebrackets (“[“ and ‘]”). A name enclosed by square brackets cannot contain theright square bracket (“]”) character. This is used to represent an IPv6 literaladdress which uses colon separators.This is asimplified version of an URI authority as described in[RFC3986].
Non-normative comment
The name within a Server Referencecommonly represents a host name, DNS name[RFC1035], SRVname[RFC2782] , or literal IP address. The valuefollowing the colon separator is commonly a port number in decimal. This is notneeded where the port information comes from the name resolution (such as withSRV) or is defaulted.
Non-normative comment
If multiple references are given,the expectation is that that Client will choose one of them.
Non-normativecomment
Examples of the Server Referenceare:
myserver.xyz.org
myserver.xyz.org:8883
10.10.151.22:8883[fe80::9610:3eff:fe1c]:1883
The Server is allowed to not ever send a Server Reference,and the Client is allowed to ignore a Server Reference. This feature can beused to allow for load balancing, Server relocation, and Client provisioning toa Server.
4.12 Enhancedauthentication
The MQTT CONNECT packet supports basic authentication of aNetwork Connection using the User Name and Password fields. While these fieldsare named for a simple password authentication, they can be used to carry otherforms of authentication such as passing a token as the Password.
Enhanced authentication extends this basic authentication toinclude challenge / response style authentication. It might involve theexchange of AUTH packets between the Client and the Server after the CONNECTand before the CONNACK packets.
To begin an enhanced authentication, the Client includes anAuthentication Method in the CONNECT packet. This specifies the authenticationmethod to use.If the Server does not supportthe Authentication Method supplied by the Client, it MAY send a CONNACK with aReason Code of 0x8C (Bad authentication method) or 0x87 (Not Authorized) asdescribed insection4.13 and MUST close the NetworkConnection[MQTT-4.12.0-1].
The Authentication Method is an agreement between the Clientand Server about the meaning of the data sent in the Authentication Data andany of the other fields in CONNECT, and the exchanges and processing needed bythe Client and Server to complete the authentication.
Non-normativecomment
The Authentication Method is commonlya SASL mechanism, and using such a registered name aids interchange. However,the Authentication Method is not constrained to using registered SASLmechanisms.
If the Authentication Method selected by the Clientspecifies that the Client sends data first, the Client SHOULD include anAuthentication Data property in the CONNECT packet. This property can be usedto provide data as specified by the Authentication Method. The contents of theAuthentication Data are defined by the authentication method.
If the Server requiresadditional information to complete the authentication, it can send an AUTHpacket to the Client. This packet MUST contain a Reason Code of 0x18 (Continueauthentication)[MQTT-4.12.0-2]. If theauthentication method requires the Server to send authentication data to theClient, it is sent in the Authentication Data.
The Client responds to anAUTH packet from the Server by sending a further AUTH packet. This packet MUSTcontain a Reason Code of 0x18 (Continue authentication)[MQTT-4.12.0-3]. If the authentication method requiresthe Client to send authentication data for the Server, it is sent in the AuthenticationData.
The Client and Server exchange AUTH packets as needed untilthe Server accepts the authentication by sending a CONNACK with a Reason Codeof 0. If the acceptance of the authentication requires data to be sent to theClient, it is sent in the Authentication Data.
The Client can close the connection at any point in thisprocess. It MAY send a DISCONNECT packet before doing so.The Server can reject the authentication at any pointin this process. It MAY send a CONNACK with a Reason Code of 0x80 or above asdescribed insection4.13, and MUST close the NetworkConnection[MQTT-4.12.0-4].
If the initial CONNECTpacket included an Authentication Method property then all AUTH packets, andany successful CONNACK packet MUST include an Authentication Method Propertywith the same value as in the CONNECT packet[MQTT-4.12.0-5].
The implementation of enhanced authentication is OPTIONALfor both Clients and Servers.If the Clientdoes not include an Authentication Method in the CONNECT, the Server MUST NOT sendan AUTH packet, and it MUST NOT send an Authentication Method in the CONNACKpacket[MQTT-4.12.0-6].If the Client does not include an AuthenticationMethod in the CONNECT, the Client MUST NOT send an AUTH packet to the Server[MQTT-4.12.0-7].
If the Client does not include an Authentication Method inthe CONNECT packet, the Server SHOULD authenticate using some or all of theinformation in the CONNECT packet, TLS session, and Network Connection.
Non-normative example showinga SCRAM challenge
· Client to Server: CONNECT AuthenticationMethod="SCRAM-SHA-1" Authentication Data=client-first-data
· Server to Client: AUTH rc=0x18 AuthenticationMethod="SCRAM-SHA-1" Authentication Data=server-first-data
· Client to Server AUTH rc=0x18 Authentication Method="SCRAM-SHA-1"Authentication Data=client-final-data
· Server to Client CONNACK rc=0 AuthenticationMethod="SCRAM-SHA-1" Authentication Data=server-final-data
Non-normative exampleshowing a Kerberos challenge
· Client to Server CONNECT Authentication Method="GS2-KRB5"
· Server to Client AUTH rc=0x18 Authentication Method="GS2-KRB5"
· Client to Server AUTH rc=0x18 Authentication Method="GS2-KRB5"Authentication Data=initial context token
· Server to Client AUTH rc=0x18 Authentication Method="GS2-KRB5"Authentication Data=reply context token
· Client to Server AUTH rc=0x18 AuthenticationMethod="GS2-KRB5"
· Server to Client CONNACK rc=0 Authentication Method="GS2-KRB5"Authentication Data=outcome of authentication
4.12.1 Re-authentication
If the Client supplied anAuthentication Method in the CONNECT packet it can initiate a re-authenticationat any time after receiving a CONNACK. It does this by sending an AUTH packetwith a Reason Code of 0x19 (Re-authentication). The Client MUST set the AuthenticationMethod to the same value as the Authentication Method originally used toauthenticate the Network Connection[MQTT-4.12.1-1].If the authentication method requires Client data first, this AUTH packetcontains the first piece of authentication data as the Authentication Data.
The Server responds to this re-authentication request bysending an AUTH packet to the Client with a Reason Code of 0x00 (Success) toindicate that the re-authentication is complete, or a Reason Code of 0x18(Continue authentication) to indicate that more authentication data is needed.The Client can respond with additional authentication data by sending an AUTHpacket with a Reason Code of 0x18 (Continue authentication). This flowcontinues as with the original authentication until the re-authentication is completeor the re-authentication fails.
If the re-authenticationfails, the Client or Server SHOULD send DISCONNECT with an appropriate ReasonCode as described insection 4.13, and MUST closethe Network Connection[MQTT-4.12.1-2].
During this re-authentication sequence, the flow of otherpackets between the Client and Server can continue using the previousauthentication.
Non-normativecomment
The Server might limit the scope ofthe changes the Client can attempt in a re-authentication by rejecting there-authentication. For instance, if the Server does not allow the User Name tobe changed it can fail any re-authentication attempt which changes the UserName.
4.13 Handling errors
Definitions of Malformed Packet and Protocol Errors arecontained insection 1.2 Terminology, some but notall, of these error cases are noted throughout the specification. The rigor withwhich a Client or Server checks an MQTT Control Packet it has received will bea compromise between:
· The size of the Client or Server implementation.
· The capabilities that the implementation supports.
· The degree to which the receiver trusts the sender to sendcorrect MQTT Control Packets.
· The degree to which the receiver trusts the network to deliverMQTT Control Packets correctly.
· The consequences of continuing to process a packet that isincorrect.
If the sender is compliant with this specification it willnot send Malformed Packets or cause Protocol Errors. However, if a Client sendsMQTT Control Packets before it receives CONNACK, it might cause a ProtocolError because it made an incorrect assumption about the Server capabilities. Referto section 3.1.4 CONNECT Actions.
The Reason Codes used for Malformed Packet and ProtocolErrors are:
· 0x81 Malformed Packet
· 0x82 Protocol Error
· 0x93 Receive Maximum exceeded
· 0x95 Packet too large
· 0x9A Retain not supported
· 0x9B QoS not supported
· 0x9E Shared Subscriptions not supported
· 0xA1 Subscription Identifiers not supported
· 0xA2 Wildcard Subscriptions not supported
When a Client detects a Malformed Packet or Protocol Error, anda Reason Code is given in the specification, it SHOULD close the NetworkConnection. In the case of an error in a AUTH packet it MAY send a DISCONNECT packetcontaining the reason code, before closing the Network Connection. In the caseof an error in any other packet it SHOULD send a DISCONNECT packet containingthe reason code before closing the Network Connection. Use Reason Code 0x81(Malformed Packet) or 0x82 (Protocol Error) unless a more specific Reason Codehas been defined in section 3.14.2.1DisconnectReason Code.
When a Server detects aMalformed Packet or Protocol Error, and a Reason Code is given in thespecification, it MUST close the Network Connection[MQTT-4.13.1-1]. In the case of an error in a CONNECTpacket it MAY send a CONNACK packet containing the Reason Code, before closingthe Network Connection. In the case of an error in any other packet it SHOULDsend a DISCONNECT packet containing the Reason Code before closing the NetworkConnection. Use Reason Code 0x81 (Malformed Packet) or 0x82 (Protocol Error)unless a more specific Reason Code has been defined in section 3.2.2.2 - Connect Reason Code or insection3.14.2.1 – Disconnect Reason Code.There are no consequences for other Sessions.
If either the Server or Client omits to check some featureof an MQTT Control Packet, it might fail to detect an error, consequently itmight allow data to be damaged.
Errors other than Malformed Packet and Protocol Errorscannot be anticipated by the sender because the receiver might have constraintswhich it has not communicated to the sender. A receiving Client or Server mightencounter a transient error, such as a shortage of memory, that preventssuccessful processing of an individual MQTT Control Packet.
Acknowledgment packets PUBACK, PUBREC, PUBREL, PUBCOMP,SUBACK, UNSUBACK with a Reason Code of 0x80 or greater indicate that thereceived packet, identified by a Packet Identifier, was in error. There are noconsequences for other Sessions or other Packets flowing on the same Session.
The CONNACK and DISCONNECTpackets allow a Reason Code of 0x80 or greater to indicate that the NetworkConnection will be closed. If a Reason Code of 0x80 or greater is specified,then the Network Connection MUST be closed whether or not the CONNACK orDISCONNECT is sent[MQTT-4.13.2-1].Sending of one of these Reason Codes does not have consequence for any otherSession.
If the Control Packet contains multiple errors the receiverof the Packet can validate the Packet in any order and take the appropriateaction for any of the errors found.
Refer tosection5.4.9 for information abouthandling Disallowed Unicode code points.
5 Security (non-normative)
MQTT is a transport protocol specification for messagetransmission, allowing implementers a choice of network, privacy,authentication and authorization technologies. Since the exact securitytechnologies chosen will be context specific, it is the implementer's responsibilityto include the appropriate features as part of their design.
MQTT Implementations will likely need to keep pace with anevolving security landscape.
This Chapter provides general implementation guidance so asnot to restrict choices available and is therefore non-normative. This shouldnot detract from its importance.
It is strongly recommended that Server implementations thatoffer TLS[RFC5246]should use TCPport 8883 (IANA service name: secure-mqtt).
There are a number of threats that solution providers shouldconsider. For example:
- Devices could be compromised
- Data at rest in Clients and Servers might be accessible
- Protocol behaviors could have side effects (e.g. “timing attacks”)
- Denial of Service (DoS) attacks
- Communications could be intercepted, altered, re-routed or disclosed
- Injection of spoofed MQTT Control Packets
MQTT solutions are often deployed in hostile communicationenvironments. In such cases, implementations will often need to providemechanisms for:
- Authentication of users and devices
- Authorization of access to Server resources
- Integrity of MQTT Control Packets and application data contained therein
- Privacy of MQTT Control Packets and application data contained therein
In addition to technical security issues there could also begeographic (e.g. U.S.-EU Privacy Shield Framework[USEUPRIVSH]),industry specific (e.g. PCI DSS[PCIDSS])and regulatory considerations (e.g. Sarbanes-Oxley[SARBANES]).
An implementation might want to provide conformance withspecific industry security standards such as NIST Cyber Security Framework[NISTCSF], PCI-DSS[PCIDSS]),FIPS-140-2[FIPS1402] and NSA Suite B[NSAB].
Guidance on using MQTT within the NIST Cyber SecurityFramework[NISTCSF]can be foundin the MQTT supplemental publication, MQTT and the NIST Framework for ImprovingCritical Infrastructure Cybersecurity[MQTTNIST]. Theuse of industry proven, independently verified and certified technologies willhelp meet compliancerequirements.
Advanced Encryption Standard[AES] is themost widely adopted encryption algorithm. There is hardware support for AES inmany processors, but not commonly for embedded processors. The encryption algorithmChaCha20 [CHACHA20] encrypts and decrypts much fasterin software, but is not as widely available as AES.
ISO 29192[ISO29192]makesrecommendations for cryptographic primitives specifically tuned to perform onconstrained “low end” devices.
There are many security concerns to consider whenimplementing or using MQTT. The following section should not be considered a“check list”.
An implementation might want to achieve some, or all, of thefollowing:
The CONNECT packet contains User Name and Password fields.Implementations can choose how to make use of the content of these fields. Theymay provide their own authentication mechanism, use an external authenticationsystem such as LDAP[RFC4511] or OAuth[RFC6749]tokens, or leverage operating system authentication mechanisms.
MQTT v5.0 provides an enhanced authentication mechanism asdescribed insection 4.12. Using thisrequires support for it in both the Client and Server.
Implementations passing authentication data in clear text,obfuscating such data elements or requiring no authentication data should beaware this can give rise to Man-in-the-Middle and replay attacks.Section 5.4.5 introduces approaches toensure data privacy.
A Virtual Private Network (VPN) between the Clients andServers can provide confidence that data is only being received from authorizedClients.
Where TLS[RFC5246] is used, TLSCertificates sent from the Client can be used by the Server to authenticate theClient.
An implementation might allow for authentication where thecredentials are sent in an Application Message from the Client to the Server.
Ifa Client has been successfully authenticated, a Server implementation shouldcheck that it is authorized before accepting its connection.
Authorization may be based on information provided by theClient such as User Name, the hostname/IP address of the Client, or the outcomeof authentication mechanisms.
In particular, the implementation should check that theClient is authorized to use the Client Identifier as this gives access to theMQTT Session State (described insection 4.1).This authorization check is to protect against the case where one Client,accidentally or maliciously, provides a Client Identifier that is already beingused by some other Client.
An implementation should provide access controls that takeplace after CONNECT to restrict the Clients ability to publish to particularTopics or to subscribe using particular Topic Filters. An implementation shouldconsider limiting access to Topic Filters that have broad scope, such as the #Topic Filter.
The MQTT protocol is not trust symmetrical. When using basicauthentication, there is no mechanism for the Client to authenticate theServer. Some forms of extended authentication do allow for mutualauthentication.
Where TLS[RFC5246] is used, TLSCertificates sent from the Server can be used by the Client to authenticate theServer. Implementations providing MQTT service for multiple hostnames from asingle IP address should be aware of the Server Name Indication extension to TLSdefined in section 3 of[RFC6066].This allows a Clientto tell the Server the hostname of the Server it is trying to connect to.
An implementation might allow for authentication where thecredentials are sent in an Application Message from the Server to the Client. MQTTv5.0 provides an enhanced authentication mechanism as described insection 4.12., which can be used to Authenticatethe Server to the Client. Using this requires support for it in both the Clientand Server.
A VPN between Clients and Servers can provide confidencethat Clients are connecting to the intended Server.
Applications can independently include hash values in theirApplication Messages. This can provide integrity of the contents of Publish packetsacross the network and at rest.
TLS[RFC5246]provides hash algorithms to verify the integrity of data sent over the network.
The use of VPNs to connect Clients and Servers can provideintegrity of data across the section of the network covered by a VPN.
5.4.5 Privacy of Application Messages and MQTTControl Packets
TLS[RFC5246] can provide encryptionof data sent over the network. There are valid TLS cipher suites that include aNULL encryption algorithm that does not encrypt data. To ensure privacy Clientsand Servers should avoid these cipher suites.
An application might independently encrypt the contents ofits Application Messages. This could provide privacy of the Application Messageboth over the network and at rest. This would not provide privacy for other Propertiesof the Application Message such as Topic Name.
Client and Server implementations can provide encryptedstorage for data at rest such as Application Messages stored as part of aSession.
The use of VPNs to connect Clients and Servers can provideprivacy of data across the section of the network covered by a VPN.
Application designers might need to consider appropriatestrategies to achieve end to end non-repudiation.
Client and Server implementations using TLS[RFC5246]should providecapabilities to ensure that any TLS certificates provided when initiating a TLSconnection are associated with the hostname of theClient connecting or Server being connected to.
Client and Server implementations using TLS can choose toprovide capabilities to check Certificate Revocation Lists (CRLs[RFC5280]) and Online Certificate Status Protocol (OSCP)[RFC6960]to prevent revoked certificates from being used.
Physical deployments might combine tamper-proof hardwarewith the transmission of specific data in Application Messages. For example, ameter might have an embedded GPS to ensure it is not used in an unauthorizedlocation.[IEEE8021AR] is a standard for implementingmechanisms to authenticate a device’s identity using a cryptographically boundidentifier.
Server implementations might monitor Client behavior todetect potential security incidents. For example:
· Repeated connection attempts
· Repeated authentication attempts
· Abnormal termination of connections
· Topic scanning (attempts to send or subscribe to many topics)
· Sending undeliverable messages (no subscribers to the topics)
· Clients that connect but do not send data
Server implementations might closethe Network Connection of Clients that breach its security rules.
Server implementations detecting unwelcome behavior mightimplement a dynamic block list based on identifiers such as IP address or ClientIdentifier.
Deployments might use network-level controls (whereavailable) to implement rate limiting or blocking based on IP address or otherinformation.
5.4.9 Handling of Disallowed Unicode codepoints
Section1.5.4describes theDisallowed Unicode code points, which should not be included in a UTF-8 EncodedString. A Client or Server implementation can choose whether to validate thatthese code points are not used in UTF-8 Encoded Strings such as the Topic Nameor Properties.
If the Server does not validate the code points in a UTF-8Encoded String but a subscribing Client does, then a second Client might beable to cause the subscribing Client to close the Network Connection bypublishing on a Topic Name or using Properties that contain a DisallowedUnicode code point. This section recommends some steps that can be taken toprevent this problem.
A similar problem can occur when the Client validates thatthe payload matches the Payload Format Indicator and the Server does not. Theconsiderations and remedies for this are similar to those for handlingDisallowed Unicode code points.
An implementation would normally choose to validate UTF-8Encoded strings, checking that the Disallowed Unicode code points are not used.This avoids implementation difficulties such as the use of libraries that aresensitive to these code points, it also protects applications from having toprocess them.
Validating that these code points are not used removes somesecurity exposures. There are possible security exploits which use controlcharacters in log files to mask entries in the logs or confuse the tools whichprocess log files. The Unicode Noncharacters are commonly used as specialmarkers and allowing them into UTF-8 Encoded Strings could permit suchexploits.
The publisher of an Application Message normally expectsthat the Servers will forward the message to subscribers, and that thesesubscribers are capable of processing the messages.
These are some conditions under which a publishing Clientcan cause the subscribing Client to close the Network Connection. Consider asituation where:
· A Client publishes an Application Message using a Topic Namecontaining one of the Disallowed Unicode code points.
· The publishing Client library allows the Disallowed Unicode codepoint to be used in a Topic Name rather than rejecting it.
· The publishing Client is authorized to send the publication.
· A subscribing Client is authorized to use a Topic Filter whichmatches the Topic Name. Note that the Disallowed Unicode code point might occurin a part of the Topic Name matching a wildcard character in the Topic Filter.
· The Server forwards the message to the matching subscriber ratherthan disconnecting the publisher.
· In this case the subscribing Client might:
o Close the Network Connection because it does not allow the use ofDisallowed Unicode code points, possibly sending a DISCONNECT before doing so. For QoS 1 and QoS 2 messages this might cause the Server to send the messageagain, causing the Client to close the Network Connection again.
o Reject the Application Message by sending a Reason Code greaterthan or equal to 0x80 in a PUBACK (QoS 1) or PUBREC (QoS 2).
o Accept the Application Message but fail to process it because itcontains one of the Disallowed Unicode code points.
o Successfully process the Application Message.
The potential for the Client to close the Network Connectionmight go unnoticed until a publisher uses one of the Disallowed Unicode codepoints.
If there is a possibility that a Disallowed Unicode codepoint could be included in a Topic Name or other Properties delivered to aClient, the solution owner can adopt one of the following suggestions:
1) Change theServer implementation to one that rejects UTF-8 Encoded Strings containing aDisallowed Unicode code point either by sending a Reason Code greater than orequal to 0x80 or closing the Network Connection.
2) Change theClient library used by the subscribers to one that tolerates the use ofDisallowed Code points. The client can either process or discard messages withUTF-8 Encoded Strings that contain Disallowed Unicode code points so long as itcontinues the protocol.
If Client or Server TLS certificates are lost or it isconsidered that they might be compromised they should be revoked (utilizingCRLs[RFC5280] and/or OSCP[RFC6960]).
Client or Server authentication credentials, such as UserName and Password, that are lost or considered compromised should be revokedand/or reissued.
In the case of long lasting connections:
· Client and Server implementations using TLS[RFC5246]should allow for session renegotiation to establish new cryptographicparameters (replace session keys, change cipher suites, change authenticationcredentials).
· Servers may close the Network Connection of Clients and requirethem to re-authenticate with new credentials.
· Servers may require their Client to reauthenticate periodicallyusing the mechanism described insection 4.12.1.
Constrained devices and Clients on constrained networks canmake use of TLS[RFC5246] session resumption, in orderto reduce the costs of reconnecting TLS[RFC5246]sessions.
Clients connected to a Server have a transitive trustrelationship with other Clients connected to the same Server and who haveauthority to publish data on the same topics.
Implementations of Clients should be aware that someenvironments will require the use of SOCKSv5[RFC1928]proxies to make outbound Network Connections. Some MQTT implementations couldmake use of alternative secured tunnels (e.g. SSH) through the use of SOCKS.Where implementations choose to use SOCKS, they should support both anonymousand User Name, Password authenticating SOCKS proxies. In the latter case,implementations should be aware that SOCKS authentication might occur inplain-text and so should avoid using the same credentials for connection to aMQTT Server.
Implementers and solution designers might wish to considersecurity as a set of profiles which can be applied to the MQTT protocol. Anexample of a layered security hierarchy is presented below.
When using the clear communication profile, the MQTTprotocol runs over an open network with no additional secure communicationmechanisms in place.
When using the secured network communication profile, theMQTT protocol runs over a physical or virtual network which has securitycontrols e.g., VPNs or physically secure network.
When using the secured transport profile, the MQTT protocolruns over a physical or virtual network and using TLS[RFC5246]which provides authentication, integrity and privacy.
TLS[RFC5246]Client authenticationcan be used in addition to – or in place of – MQTT Client authentication asprovided by the User Name and Password fields.
It is anticipated that the MQTT protocol will be designedinto industry specific application profiles, each defining a threat model andthe specific security mechanisms to be used to address these threats. Recommendationsfor specific security mechanisms will often be taken from existing worksincluding:
[NISTCSF]NISTCyber Security Framework
[NIST7628]NISTIR7628 Guidelines for Smart Grid Cyber Security
[FIPS1402]SecurityRequirements for Cryptographic Modules (FIPS PUB 140-2)
[PCIDSS]PCI-DSSPayment Card Industry Data Security Standard
[NSAB]NSASuite B Cryptography
6 UsingWebSocket as a network transport
If MQTT is transported over aWebSocket[RFC6455] connection, the following conditions apply:
· MQTT Control Packets MUST be sentin WebSocket binary data frames. If any other type of data frame is receivedthe recipient MUST close the Network Connection[MQTT-6.0.0-1].
· A single WebSocket data frame cancontain multiple or partial MQTT Control Packets. The receiver MUST NOT assumethat MQTT Control Packets are aligned on WebSocket frame boundaries[MQTT-6.0.0-2].
· The Client MUST include “mqtt” inthe list of WebSocket Sub Protocols it offers[MQTT-6.0.0-3].
· The WebSocket Subprotocol nameselected and returned by the Server MUST be “mqtt”[MQTT-6.0.0-4].
· The WebSocket URI used to connectthe Client and Server has no impact on the MQTT protocol.
Thisspecification requests IANA to modify the registration of the WebSocket MQTTsub-protocol under the “WebSocket Subprotocol Name” registry with the followingdata:
Figure 6.6‑1- IANA WebSocket Identifier
Subprotocol Identifier | mqtt |
Subprotocol Common Name | mqtt |
Subprotocol Definition | http://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html |
The MQTT specification defines conformance for MQTT Clientimplementations and MQTT Server implementations. An MQTT implementation canconform as both an MQTT Client and an MQTT Server.
Refer toServer in the Terminologysection for a definition of Server.
An MQTT Server conforms to this specification only if itsatisfies all the statements below:
1. The formatof all MQTT Control Packets that the Server sends matches the format describedinChapter 2 andChapter 3.
2. It followsthe Topic matching rules described insection 4.7and the Subscription rules insection 4.8.
3. It satisfies the MUST level requirements in the followingchapters that are identified except for those that only apply to the Client:
· Chapter 1 - Introduction
· Chapter 2 - MQTT Control Packetformat
· Chapter 3 - MQTT Control Packets
· Chapter 4 - Operational behavior
· Chapter 6 - Using WebSocket as anetwork transport
4. It doesnot require the use of any extensions defined outside of the specification inorder to interoperate with any other conformant implementation.
Refer toClient in the Terminologysection for a definition of Client.
An MQTT Client conforms to this specification only if itsatisfies all the statements below:
1. The formatof all MQTT Control Packets that the Client sends matches the format describedinChapter 2 andChapter 3.
2. It satisfies the MUST level requirements in the followingchapters that are identified except for those that only apply to the Server:
· Chapter 1 - Introduction
· Chapter 2 - MQTT Control Packetformat
· Chapter 3 - MQTT Control Packets
· Chapter 4 - Operational behavior
· Chapter 6 - Using WebSocket as anetwork transport
3. It doesnot require the use of any extensions defined outside of the specification inorder to interoperate with any other conformant implementation.
Appendix A. Acknowledgments
The TCowes special thanks to Dr. Andy Stanford-Clark and Arlen Nipper as the originalinventors of the MQTT protocol and for their continued support with thestandardization process.
The TC wishesto thank Brian Raymor (formerly of Microsoft) for his work as co-chairman ofthe MQTT TC during much of the development of the version 5.0 standard.
Thefollowing individuals were members of the OASIS Technical Committee during thecreation of this standard and their contributions are gratefully acknowledged:
Participants:
· Senthil Nathan Balasubramaniam (Infiswift)
· Dr. Andrew Banks, editor (IBM)
· Ken Borgendale, editor (IBM)
· Ed Briggs, editor (Microsoft)
· Raphael Cohn (Individual)
· Richard Coppen, chairman (IBM)
· William Cox (Individual)
· Ian Craggs , secretary (IBM)
· Konstantin Dotchkoff (Microsoft)
· Derek Fu (IBM)
· Rahul Gupta, editor (IBM)
· Stefan Hagen (Individual)
· David Horton (Solace Systems)
· Alex Kritikos (Software AG, Inc.)
· Jonathan Levell (IBM)
· Shawn McAllister (Solace Systems)
· William McLane (TIBCO Software Inc.)
· Peter Niblett (IBM)
· Dominik Obermaier (dc-square GmbH)
· Nicholas O'Leary (IBM)
· Brian Raymor (Microsoft)
· Andrew Schofield (IBM)
· Tobias Sommer (Cumulocity)
· Joe Speed (IBM)
· Dr Andy Stanford-Clark (IBM)
· Allan Stockdill-Mander (IBM)
· Stehan Vaillant (Cumulocity)
For a list of those who contributed to earlier versions ofMQTT refer to Appendix A in the MQTT v3.1.1 specification[MQTTV311].
Appendix B. Mandatory normativestatement (non-normative)
This Appendix is non-normative and is provided as aconvenient summary of the numbered conformance statements found in the mainbody of this document. Refer toChapter 7 for adefinitive list of conformance requirements.
Normative Statement Number | Normative Statement |
[MQTT-1.5.4-1] | The character data in a UTF-8 Encoded String MUST be well-formed UTF-8 as defined by the Unicode specification [Unicode] and restated in RFC 3629 [RFC3629]. In particular, the character data MUST NOT include encodings of code points between U+D800 and U+DFFF. |
[MQTT-1.5.4-2] | A UTF-8 Encoded String MUST NOT include an encoding of the null character U+0000. |
[MQTT-1.5.4-3] | A UTF-8 encoded sequence 0xEF 0xBB 0xBF is always interpreted as U+FEFF ("ZERO WIDTH NO-BREAK SPACE") wherever it appears in a string and MUST NOT be skipped over or stripped off by a packet receiver. |
[MQTT-1.5.5-1] | The encoded value MUST use the minimum number of bytes necessary to represent the value. |
[MQTT-1.5.7-1] | Both strings MUST comply with the requirements for UTF-8 Encoded Strings. |
[MQTT-2.1.3-1] | Where a flag bit is marked as “Reserved” it is reserved for future use and MUST be set to the value listed. |
[MQTT-2.2.1-2] | A PUBLISH packet MUST NOT contain a Packet Identifier if its QoS value is set to 0. |
[MQTT-2.2.1-3] | Each time a Client sends a new SUBSCRIBE, UNSUBSCRIBE,or PUBLISH (where QoS > 0) MQTT Control Packet it MUST assign it a non-zero Packet Identifier that is currently unused. |
[MQTT-2.2.1-4] | Each time a Server sends a new PUBLISH (with QoS > 0) MQTT Control Packet it MUST assign it a non zero Packet Identifier that is currently unused. |
[MQTT-2.2.1-5] | A PUBACK, PUBREC, PUBREL, or PUBCOMP packet MUST contain the same Packet Identifier as the PUBLISH packet that was originally sent. |
[MQTT-2.2.1-6] | A SUBACK and UNSUBACK MUST contain the Packet Identifier that was used in the corresponding SUBSCRIBE and UNSUBSCRIBE packet respectively. |
[MQTT-2.2.2-1] | If there are no properties, this MUST be indicated by including a Property Length of zero. |
[MQTT-3.1.0-1] | After a Network Connection is established by a Client to a Server, the first packet sent from the Client to the Server MUST be a CONNECT packet. |
[MQTT-3.1.0-2] | The Server MUST process a second CONNECT packet sent from a Client as a Protocol Error and close the Network Connection. |
[MQTT-3.1.2-1] | The protocol name MUST be the UTF-8 String "MQTT". If the Server does not want to accept the CONNECT, and wishes to reveal that it is an MQTT Server it MAY send a CONNACK packet with Reason Code of 0x84 (Unsupported Protocol Version), and then it MUST close the Network Connection. |
[MQTT-3.1.2-2] | If the Protocol Version is not 5 and the Server does not want to accept the CONNECT packet, the Server MAY send a CONNACK packet with Reason Code 0x84 (Unsupported Protocol Version) and then MUST close the Network Connection |
[MQTT-3.1.2-3] | The Server MUST validate that the reserved flag in the CONNECT packet is set to 0. |
[MQTT-3.1.2-4] | If a CONNECT packet is received with Clean Start is set to 1, the Client and Server MUST discard any existing Session and start a new Session. |
[MQTT-3.1.2-5] | If a CONNECT packet is received with Clean Start set to 0 and there is a Session associated with the Client Identifier, the Server MUST resume communications with the Client based on state from the existing Session. |
[MQTT-3.1.2-6] | If a CONNECT packet is received with Clean Start set to 0 and there is no Session associated with the Client Identifier, the Server MUST create a new Session. |
[MQTT-3.1.2-7] | If the Will Flag is set to 1 this indicates that, a Will Message MUST be stored on the Server and associated with the Session. |
[MQTT-3.1.2-8] | The Will Message MUST be published after the Network Connection is subsequently closed and either the Will Delay Interval has elapsed or the Session ends, unless the Will Message has been deleted by the Server on receipt of a DISCONNECT packet with Reason Code 0x00 (Normal disconnection) or a new Network Connection for the ClientID is opened before the Will Delay Interval has elapsed. |
[MQTT-3.1.2-9] | If the Will Flag is set to 1, the Will QoS and Will Retain fields in the Connect Flags will be used by the Server, and the Will Properties, Will Topic and Will Message fields MUST be present in the Payload. |
[MQTT-3.1.2-10] | The Will Message MUST be removed from the stored Session State in the Server once it has been published or the Server has received a DISCONNECT packet with a Reason Code of 0x00 (Normal disconnection) from the Client. |
[MQTT-3.1.2-11] | If the Will Flag is set to 0, then the Will QoS MUST be set to 0 (0x00). |
[MQTT-3.1.2-12] | If the Will Flag is set to 1, the value of Will QoS can be 0 (0x00), 1 (0x01), or 2 (0x02). |
[MQTT-3.1.2-13] | If the Will Flag is set to 0, then Will Retain MUST be set to 0. |
[MQTT-3.1.2-14] | If the Will Flag is set to 1 and Will Retain is set to 0, the Server MUST publish the Will Message as a non-retained message. |
[MQTT-3.1.2-15] | If the Will Flag is set to 1 and Will Retain is set to 1, the Server MUST publish the Will Message as a retained message. |
[MQTT-3.1.2-16] | If the User Name Flag is set to 0, a User Name MUST NOT be present in the Payload. |
[MQTT-3.1.2-17] | If the User Name Flag is set to 1, a User Name MUST be present in the Payload. |
[MQTT-3.1.2-18] | If the Password Flag is set to 0, a Password MUST NOT be present in the Payload. |
[MQTT-3.1.2-19] | If the Password Flag is set to 1, a Password MUST be present in the Payload. |
[MQTT-3.1.2-20] | If Keep Alive is non-zero and in the absence of sending any other MQTT Control Packets, the Client MUST send a PINGREQ packet. |
[MQTT-3.1.2-21] | If the Server returns a Server Keep Alive on the CONNACK packet, the Client MUST use that value instead of the value it sent as the Keep Alive. |
[MQTT-3.1.2-22] | If the Keep Alive value is non-zero and the Server does not receive an MQTT Control Packet from the Client within one and a half times the Keep Alive time period, it MUST close the Network Connection to the Client as if the network had failed. |
[MQTT-3.1.2-23] | The Client and Server MUST store the Session State after the Network Connection is closed if the Session Expiry Interval is greater than 0. |
[MQTT-3.1.2-24] | The Server MUST NOT send packets exceeding Maximum Packet Size to the Client. |
[MQTT-3.1.2-25] | Where a Packet is too large to send, the Server MUST discard it without sending it and then behave as if it had completed sending that Application Message. |
[MQTT-3.1.2-26] | The Server MUST NOT send a Topic Alias in a PUBLISH packet to the Client greater than Topic Alias Maximum. |
[MQTT-3.1.2-27] | If Topic Alias Maximum is absent or zero, the Server MUST NOT send any Topic Aliases to the. |
[MQTT-3.1.2-28] | A value of 0 indicates that the Server MUST NOT return Response Information. |
[MQTT-3.1.2-29] | If the value of Request Problem Information is 0, the Server MAY return a Reason String or User Properties on a CONNACK or DISCONNECT packet, but MUST NOT send a Reason String or User Properties on any packet other than PUBLISH, CONNACK, or DISCONNECT. |
[MQTT-3.1.2-30] | If a Client sets an Authentication Method in the CONNECT, the Client MUST NOT send any packets other than AUTH or DISCONNECT packets until it has received a CONNACK packet. |
[MQTT-3.1.3-1] | The Payload of the CONNECT packet contains one or more length-prefixed fields, whose presence is determined by the flags in the Variable Header. These fields, if present, MUST appear in the order Client Identifier, Will Topic, Will Message, User Name, Password. |
[MQTT-3.1.3-2] | The ClientID MUST be used by Clients and by Servers to identify state that they hold relating to this MQTT Session between the Client and the Server. |
[MQTT-3.1.3-3] | The ClientID MUST be present and is the first field in the CONNECT packet Payload. |
[MQTT-3.1.3-4] | The ClientID MUST be a UTF-8 Encoded String. |
[MQTT-3.1.3-5] | The Server MUST allow ClientID’s which are between 1 and 23 UTF-8 encoded bytes in length, and that contain only the characters
"0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ". |
[MQTT-3.1.3-6] | A Server MAY allow a Client to supply a ClientID that has a length of zero bytes, however if it does so the Server MUST treat this as a special case and assign a unique ClientID to that Client. |
[MQTT-3.1.3-7] | It MUST then process the CONNECT packet as if the Client had provided that unique ClientID, and MUST return the Assigned Client Identifier in the CONNACK packet. |
[MQTT-3.1.3-8] | If the Server rejects the ClientID it MAY respond to the CONNECT packet with a CONNACK using Reason Code 0x85 (Client Identifier not valid) as described in section 4.13 Handling errors, and then it MUST close the Network Connection. |
[MQTT-3.1.3-9] | If a new Network Connection to this Session is made before the Will Delay Interval has passed, the Server MUST NOT send the Will Message. |
[MQTT-3.1.3-10] | The Server MUST maintain the order of User Properties when forwarding the Application Message. |
[MQTT-3.1.3-11] | The Will Topic MUST be a UTF-8 Encoded String. |
[MQTT-3.1.3-12] | If the User Name Flag is set to 1, the User Name is the next field in the Payload. The User Name MUST be a UTF-8 Encoded String. |
[MQTT-3.1.4-1] | The Server MUST validate that the CONNECT packet matches the format described in section 3.1 and close the Network Connection if it does not match. |
[MQTT-3.1.4-2] | The Server MAY check that the contents of the CONNECT packet meet any further restrictions and SHOULD perform authentication and authorization checks. If any of these checks fail, it MUST close the Network Connection. |
[MQTT-3.1.4-3] | If the ClientID represents a Client already connected to the Server, the Server sends a DISCONNECT packet to the existing Client with Reason Code of 0x8E (Session taken over) as described in section 4.13 and MUST close the Network Connection of the existing Client. |
[MQTT-3.1.4-4] | The Server MUST perform the processing of Clean Start. |
[MQTT-3.1.4-5] | The Server MUST acknowledge the CONNECT packet with a CONNACK packet containing a 0x00 (Success) Reason Code. |
[MQTT-3.1.4-6] | If the Server rejects the CONNECT, it MUST NOT process any data sent by the Client after the CONNECT packet except AUTH packets. |
[MQTT-3.2.0-1] | The Server MUST send a CONNACK with a 0x00 (Success) Reason Code before sending any Packet other than AUTH. |
[MQTT-3.2.0-2] | The Server MUST NOT send more than one CONNACK in a Network Connection. |
[MQTT-3.2.2-1] | Byte 1 is the "Connect Acknowledge Flags". Bits 7-1 are reserved and MUST be set to 0. |
[MQTT-3.2.2-2] | If the Server accepts a connection with Clean Start set to 1, the Server MUST set Session Present to 0 in the CONNACK packet in addition to setting a 0x00 (Success) Reason Code in the CONNACK packet. |
[MQTT-3.2.2-3] | If the Server accepts a connection with Clean Start set to 0 and the Server has Session State for the ClientID, it MUST set Session Present to 1 in the CONNACK packet, otherwise it MUST set Session Present to 0 in the CONNACK packet. In both cases it MUST set a 0x00 (Success) Reason Code in the CONNACK packet. |
[MQTT-3.2.2-4] | If the Client does not have Session State and receives Session Present set to 1 it MUST close the Network Connection. |
[MQTT-3.2.2-5] | If the Client does have Session State and receives Session Present set to 0 it MUST discard its Session State if it continues with the Network Connection. |
[MQTT-3.2.2-6] | If a Server sends a CONNACK packet containing a non-zero Reason Code it MUST set Session Present to 0. |
[MQTT-3.2.2-7] | If a Server sends a CONNACK packet containing a Reason code of 0x80 or greater it MUST then close the Network Connection. |
[MQTT-3.2.2-8] | The Server sending the CONNACK packet MUST use one of the Connect Reason Code values. |
[MQTT-3.2.2-9] | If a Server does not support QoS 1 or QoS 2 PUBLISH packets it MUST send a Maximum QoS in the CONNACK packet specifying the highest QoS it supports. |
[MQTT-3.2.2-10] | A Server that does not support QoS 1 or QoS 2 PUBLISH packets MUST still accept SUBSCRIBE packets containing a Requested QoS of 0, 1 or 2. |
[MQTT-3.2.2-11] | If a Client receives a Maximum QoS from a Server, it MUST NOT send PUBLISH packets at a QoS level exceeding the Maximum QoS level specified. |
[MQTT-3.2.2-12] | If a Server receives a CONNECT packet containing a Will QoS that exceeds its capabilities, it MUST reject the connection. It SHOULD use a CONNACK packet with Reason Code 0x9B (QoS not supported) as described in section 4.13 Handling errors, and MUST close the Network Connection. |
[MQTT-3.2.2-13] | If a Server receives a CONNECT packet containing a Will Message with the Will Retain 1, and it does not support retained messages, the Server MUST reject the connection request. It SHOULD send CONNACK with Reason Code 0x9A (Retain not supported) and then it MUST close the Network Connection. |
[MQTT-3.2.2-14] | A Client receiving Retain Available set to 0 from the Server MUST NOT send a PUBLISH packet with the RETAIN flag set to 1. |
[MQTT-3.2.2-15] | The Client MUST NOT send packets exceeding Maximum Packet Size to the Server. |
[MQTT-3.2.2-16] | If the Client connects using a zero length Client Identifier, the Server MUST respond with a CONNACK containing an Assigned Client Identifier. The Assigned Client Identifier MUST be a new Client Identifier not used by any other Session currently in the Server. |
[MQTT-3.2.2-17] | The Client MUST NOT send a Topic Alias in a PUBLISH packet to the Server greater than this value. |
[MQTT-3.2.2-18] | Topic Alias Maximum is absent, the Client MUST NOT send any Topic Aliases on to the Server. |
[MQTT-3.2.2-19] | The Server MUST NOT send this property if it would increase the size of the CONNACK packet beyond the Maximum Packet Size specified by the Client. |
[MQTT-3.2.2-20] | The Server MUST NOT send this property if it would increase the size of the CONNACK packet beyond the Maximum Packet Size specified by the Client. |
[MQTT-3.2.2-21] | If the Server sends a Server Keep Alive on the CONNACK packet, the Client MUST use this value instead of the Keep Alive value the Client sent on CONNECT. |
[MQTT-3.2.2-22] | If the Server does not send the Server Keep Alive, the Server MUST use the Keep Alive value set by the Client on CONNECT. |
[MQTT-3.3.1-1] | The DUP flag MUST be set to 1 by the Client or Server when it attempts to re-deliver a PUBLISH packet. |
[MQTT-3.3.1-2] | The DUP flag MUST be set to 0 for all QoS 0 messages. |
[MQTT-3.3.1-3] | The DUP flag in the outgoing PUBLISH packet is set independently to the incoming PUBLISH packet, its value MUST be determined solely by whether the outgoing PUBLISH packet is a retransmission. |
[MQTT-3.3.1-4] | A PUBLISH Packet MUST NOT have both QoS bits set to 1. |
[MQTT-3.3.1-5] | If the RETAIN flag is set to 1 in a PUBLISH packet sent by a Client to a Server, the Server MUST replace any existing retained message for this topic and store the Application Message. |
[MQTT-3.3.1-6] | If the Payload contains zero bytes it is processed normally by the Server but any retained message with the same topic name MUST be removed and any future subscribers for the topic will not receive a retained message. |
[MQTT-3.3.1-7] | A retained message with a Payload containing zero bytes MUST NOT be stored as a retained message on the Server. |
[MQTT-3.3.1-8] | If the RETAIN flag is 0 in a PUBLISH packet sent by a Client to a Server, the Server MUST NOT store the message as a retained message and MUST NOT remove or replace any existing retained message. |
[MQTT-3.3.1-9] | If Retain Handling is set to 0 the Server MUST send the retained messages matching the Topic Filter of the subscription to the Client. |
[MQTT-3.3.1-10] | If Retain Handling is set to 1 then if the subscription did already exist, the Server MUST send all retained message matching the Topic Filter of the subscription to the Client, and if the subscription did not exist, the Server MUST NOT send the retained messages. |
[MQTT-3.3.1-11] | If Retain Handling is set to 2, the Server MUST NOT send the retained |
[MQTT-3.3.1-12] | If the value of Retain As Published subscription option is set to 0, the Server MUST set the RETAIN flag to 0 when forwarding an Application Message regardless of how the RETAIN flag was set in the received PUBLISH packet. |
[MQTT-3.3.1-13] | If the value of Retain As Published subscription option is set to 1, the Server MUST set the RETAIN flag equal to the RETAIN flag in the received PUBLISH packet. |
[MQTT-3.3.2-1] | The Topic Name MUST be present as the first field in the PUBLISH packet Variable Header. It MUST be a UTF-8 Encoded String. |
[MQTT-3.3.2-2] | The Topic Name in the PUBLISH packet MUST NOT contain wildcard characters. |
[MQTT-3.3.2-3] | The Topic Name in a PUBLISH packet sent by a Server to a subscribing Client MUST match the Subscription’s Topic Filter. |
[MQTT-3.3.2-4] | A Server MUST send the Payload Format Indicator unaltered to all subscribers receiving the message. |
[MQTT-3.3.2-5] | If the Message Expiry Interval has passed and the Server has not managed to start onward delivery to a matching subscriber, then it MUST delete the copy of the message for that subscriber. |
[MQTT-3.3.2-6] | The PUBLISH packet sent to a Client by the Server MUST contain a Message Expiry Interval set to the received value minus the time that the message has been waiting in the Server. |
[MQTT-3.3.2-7] | A receiver MUST NOT carry forward any Topic Alias mappings from one Network Connection to another. |
[MQTT-3.3.2-8] | A sender MUST NOT send a PUBLISH packet containing a Topic Alias which has the value 0. |
[MQTT-3.3.2-9] | A Client MUST NOT send a PUBLISH packet with a Topic Alias greater than the Topic Alias Maximum value returned by the Server in the CONNACK packet. |
[MQTT-3.3.2-10] | A Client MUST accept all Topic Alias values greater than 0 and less than or equal to the Topic Alias Maximum value that it sent in the CONNECT packet. |
[MQTT-3.3.2-11] | A Server MUST NOT send a PUBLISH packet with a Topic Alias greater than the Topic Alias Maximum value sent by the Client in the CONNECT packet. |
[MQTT-3.3.2-12] | A Server MUST accept all Topic Alias values greater than 0 and less than or equal to the Topic Alias Maximum value that it returned in the CONNACK packet. |
[MQTT-3.3.2-13] | The Response Topic MUST be a UTF-8 Encoded String. |
[MQTT-3.3.2-14] | The Response Topic MUST NOT contain wildcard characters. |
[MQTT-3.3.2-15] | The Server MUST send the Response Topic unaltered to all subscribers receiving the Application Message. |
[MQTT-3.3.2-16] | The Server MUST send the Correlation Data unaltered to all subscribers receiving the Application Message. |
[MQTT-3.3.2-17] | The Server MUST send all User Properties unaltered in a PUBLISH packet when forwarding the Application Message to a Client. |
[MQTT-3.3.2-18] | The Server MUST maintain the order of User Properties when forwarding the Application Message. |
[MQTT-3.3.2-19] | The Content Type MUST be a UTF-8 Encoded String. |
[MQTT-3.3.2-20] | A Server MUST send the Content Type unaltered to all subscribers receiving the Application Message. |
[MQTT-3.3.4-1] | The receiver of a PUBLISH Packet MUST respond with the packet as determined by the QoS in the PUBLISH Packet. |
[MQTT-3.3.4-2] | In this case the Server MUST deliver the message to the Client respecting the maximum QoS of all the matching subscriptions. |
[MQTT-3.3.4-3] | If the Client specified a Subscription Identifier for any of the overlapping subscriptions the Server MUST send those Subscription Identifiers in the message which is published as the result of the subscriptions. |
[MQTT-3.3.4-4] | If the Server sends a single copy of the message it MUST include in the PUBLISH packet the Subscription Identifiers for all matching subscriptions which have a Subscription Identifiers, their order is not significant. |
[MQTT-3.3.4-5] | If the Server sends multiple PUBLISH packets it MUST send, in each of them, the Subscription Identifier of the matching subscription if it has a Subscription Identifier. |
[MQTT-3.3.4-6] | A PUBLISH packet sent from a Client to a Server MUST NOT contain a Subscription Identifier. |
[MQTT-3.3.4-7] | The Client MUST NOT send more than Receive Maximum QoS 1 and QoS 2 PUBLISH packets for which it has not received PUBACK, PUBCOMP, or PUBREC with a Reason Code of 128 or greater from the Server. |
[MQTT-3.3.4-8] | The Client MUST NOT delay the sending of any packets other than PUBLISH packets due to having sent Receive Maximum PUBLISH packets without receiving acknowledgements for them. |
[MQTT-3.3.4-9] | The Server MUST NOT send more than Receive Maximum QoS 1 and QoS 2 PUBLISH packets for which it has not received PUBACK, PUBCOMP, or PUBREC with a Reason Code of 128 or greater from the Client. |
[MQTT-3.3.4-10] | The Server MUST NOT delay the sending of any packets other than PUBLISH packets due to having sent Receive Maximum PUBLISH packets without receiving acknowledgements for them. |
[MQTT-3.4.2-1] | The Client or Server sending the PUBACK packet MUST use one of the PUBACK Reason Codes. |
[MQTT-3.4.2-2] | The sender MUST NOT send this property if it would increase the size of the PUBACK packet beyond the Maximum Packet Size specified by the receiver. |
[MQTT-3.4.2-3] | The sender MUST NOT send this property if it would increase the size of the PUBACK packet beyond the Maximum Packet Size specified by the receiver. |
[MQTT-3.5.2-1] | The Client or Server sending the PUBREC packet MUST use one of the PUBREC Reason Codes. |
[MQTT-3.5.2-2] | The sender MUST NOT send this property if it would increase the size of the PUBREC packet beyond the Maximum Packet Size specified by the receiver. |
[MQTT-3.5.2-3] | The sender MUST NOT send this property if it would increase the size of the PUBREC packet beyond the Maximum Packet Size specified by the receiver. |
[MQTT-3.6.1-1] | Bits 3,2,1 and 0 of the Fixed Header in the PUBREL packet are reserved and MUST be set to 0,0,1 and 0 respectively. The Server MUST treat any other value as malformed and close the Network Connection. |
[MQTT-3.6.2-1] | The Client or Server sending the PUBREL packet MUST use one of the PUBREL Reason Codes. |
[MQTT-3.6.2-2] | The sender MUST NOT send this Property if it would increase the size of the PUBREL packet beyond the Maximum Packet Size specified by the receiver. |
[MQTT-3.6.2-3] | The sender MUST NOT send this property if it would increase the size of the PUBREL packet beyond the Maximum Packet Size specified by the receiver. |
[MQTT-3.7.2-1] | The Client or Server sending the PUBCOMP packets MUST use one of the PUBCOMP Reason Codes. |
[MQTT-3.7.2-2] | The sender MUST NOT use this Property if it would increase the size of the PUBCOMP packet beyond the Maximum Packet Size specified by the receiver. |
[MQTT-3.7.2-3] | The sender MUST NOT send this property if it would increase the size of the PUBCOMP packet beyond the Maximum Packet Size specified by receiver. |
[MQTT-3.8.1-1] | Bits 3,2,1 and 0 of the Fixed Header of the SUBSCRIBE packet are reserved and MUST be set to 0,0,1 and 0 respectively. The Server MUST treat any other value as malformed and close the Network Connection |
[MQTT-3.8.3-1] | The Topic Filters MUST be a UTF-8 Encoded String. |
[MQTT-3.8.3-2] | The Payload MUST contain at least one Topic Filter and Subscription Options pair. |
[MQTT-3.8.3-3] | Bit 2 of the Subscription Options represents the No Local option. If the value is 1, Application Messages MUST NOT be forwarded to a connection with a ClientID equal to the ClientID of the publishing connection. |
[MQTT-3.8.3-4] | It is a Protocol Error to set the No Local bit to 1 on a Shared Subscription. |
[MQTT-3.8.3-5] | The Server MUST treat a SUBSCRIBE packet as malformed if any of Reserved bits in the Payload are non-zero. |
[MQTT-3.8.4-1] | When the Server receives a SUBSCRIBE packet from a Client, the Server MUST respond with a SUBACK packet. |
[MQTT-3.8.4-2] | The SUBACK packet MUST have the same Packet Identifier as the SUBSCRIBE packet that it is acknowledging. |
[MQTT-3.8.4-3] | If a Server receives a SUBSCRIBE packet containing a Topic Filter that is identical to a Non‑shared Subscription’s Topic Filter for the current Session then it MUST replace that existing Subscription with a new Subscription. |
[MQTT-3.8.4-4] | If the Retain Handling option is 0, any existing retained messages matching the Topic Filter MUST be re-sent,but Application Messages MUST NOT be lost due to replacing the Subscription. |
[MQTT-3.8.4-5] | If a Server receives a SUBSCRIBE packet that contains multiple Topic Filters it MUST handle that packet as if it had received a sequence of multiple SUBSCRIBE packets, except that it combines their responses into a single SUBACK response. |
[MQTT-3.8.4-6] | The SUBACK packet sent by the Server to the Client MUST contain a Reason Code for each Topic Filter/Subscription Option pair. |
[MQTT-3.8.4-7] | This Reason Code MUST either show the maximum QoS that was granted for that Subscription or indicate that the subscription failed. |
[MQTT-3.8.4-8] | The QoS of Payload Messages sent in response to a Subscription MUST be the minimum of the QoS of the originally published message and the Maximum QoS granted by the Server. |
[MQTT-3.9.2-1] | The Server MUST NOT send this Property if it would increase the size of the SUBACK packet beyond the Maximum Packet Size specified by the Client. |
[MQTT-3.9.2-2] | The Server MUST NOT send this property if it would increase the size of the SUBACK packet beyond the Maximum Packet Size specified by the Client. |
[MQTT-3.9.3-1] | The order of Reason Codes in the SUBACK packet MUST match the order of Topic Filters in the SUBSCRIBE packet. |
[MQTT-3.9.3-2] | The Server sending the SUBACK packet MUST send one of the Subscribe Reason Code values for each Topic Filter received. |
[MQTT-3.10.1-1] | Bits 3,2,1 and 0 of the Fixed Header of the UNSUBSCRIBE packet are reserved and MUST be set to 0,0,1 and 0 respectively. The Server MUST treat any other value as malformed and close the Network Connection |
[MQTT-3.10.3-1] | The Topic Filters in an UNSUBSCRIBE packet MUST be UTF-8 Encoded Strings. |
[MQTT-3.10.3-2] | The Payload of an UNSUBSCRIBE packet MUST contain at least one Topic Filter. |
[MQTT-3.10.4-1] | The Topic Filters (whether they contain wildcards or not) supplied in an UNSUBSCRIBE packet MUST be compared character-by-character with the current set of Topic Filters held by the Server for the Client. If any filter matches exactly then its owning Subscription MUST be deleted. |
[MQTT-3.10.4-2] | When a Server receives UNSUBSCRIBE It MUST stop adding any new messages which match the Topic Filters, for delivery to the Client. |
[MQTT-3.10.4-3] | When a Server receives UNSUBSCRIBE It MUST complete the delivery of any QoS 1 or QoS 2 messages which match the Topic Filters and it has started to send to the Client. |
[MQTT-3.10.4-4] | The Server MUST respond to an UNSUBSCRIBE request by sending an UNSUBACK packet. |
[MQTT-3.10.4-5] | The UNSUBACK packet MUST have the same Packet Identifier as the UNSUBSCRIBE packet. Even where no Topic Subscriptions are deleted, the Server MUST respond with an UNSUBACK. |
[MQTT-3.10.4-6] | If a Server receives an UNSUBSCRIBE packet that contains multiple Topic Filters, it MUST process that packet as if it had received a sequence of multiple UNSUBSCRIBE packets, except that it sends just one UNSUBACK response. |
[MQTT-3.11.2-1] | The Server MUST NOT send this Property if it would increase the size of the UNSUBACK packet beyond the Maximum Packet Size specified by the Client. |
[MQTT-3.11.2-2] | The Server MUST NOT send this property if it would increase the size of the UNSUBACK packet beyond the Maximum Packet Size specified by the receiver. |
[MQTT-3.11.3-1] | The order of Reason Codes in the UNSUBACK packet MUST match the order of Topic Filters in the UNSUBSCRIBE packet. |
[MQTT-3.11.3-2] | The Server sending the UNSUBACK packet MUST use one of the UNSUBSCRIBE Reason Code values for each Topic Filter received. |
[MQTT-3.12.4-1] | The Server MUST send a PINGRESP packet in response to a PINGREQ packet. |
[MQTT-3.14.0-1] | A Server MUST NOT send a DISCONNECT until after it has sent a CONNACK with Reason Code of less than 0x80. |
[MQTT-3.14.1-1] | The Client or Server MUST validate that reserved bits are set to 0. If they are not zero it sends a DISCONNECT packet with a Reason code of 0x81 (Malformed Packet). |
[MQTT-3.14.2-1] | The Client or Server sending the DISCONNECT packet MUST use one of the DISCONNECT Reason Codes. |
[MQTT-3.14.2-2] | The Session Expiry Interval MUST NOT be sent on a DISCONNECT by the Server. |
[MQTT-3.14.2-3] | The sender MUST NOT use this Property if it would increase the size of the DISCONNECT packet beyond the Maximum Packet Size specified by the receiver. |
[MQTT-3.14.2-4] | The sender MUST NOT send this property if it would increase the size of the DISCONNECT packet beyond the Maximum Packet Size specified by the receiver. |
[MQTT-3.14.4-1] | After sending a DISCONNECT packet the sender MUST NOT send any more MQTT Control Packets on that Network Connection. |
[MQTT-3.14.4-2] | After sending a DISCONNECT packet the sender MUST close the Network Connection. |
[MQTT-3.14.4-3] | On receipt of DISCONNECT with a Reason Code of 0x00 (Success) the Server MUST discard any Will Message associated with the current Connection without publishing it. |
[MQTT-3.15.1-1] | Bits 3,2,1 and 0 of the Fixed Header of the AUTH packet are reserved and MUST all be set to 0. The Client or Server MUST treat any other value as malformed and close the Network Connection. |
[MQTT-3.15.2-1] | The sender of the AUTH Packet MUST use one of the Authenticate Reason Codes. |
[MQTT-3.15.2-2] | The sender MUST NOT send this property if it would increase the size of the AUTH packet beyond the Maximum Packet Size specified by the receiver |
[MQTT-3.15.2-3] | The sender MUST NOT send this property if it would increase the size of the AUTH packet beyond the Maximum Packet Size specified by the receiver. |
[MQTT-4.1.0-1] | The Client and Server MUST NOT discard the Session State while the Network Connection is open. |
[MQTT-4.2.0-1] | A Client or Server MUST support the use of one or more underlying transport protocols that provide an ordered, lossless, stream of bytes from the Client to Server and Server to Client. |
[MQTT-4.1.0-2] | The Server MUST discard the Session State when the Network Connection is closed and the Session Expiry Interval has passed. |
[MQTT-4.3.1-1] | In the QoS 0 delivery protocol, the sender MUST send a PUBLISH packet with QoS 0 and DUP flag set to 0. |
[MQTT-4.3.2-1] | In the QoS 1 delivery protocol, the sender MUST assign an unused Packet Identifier each time it has a new Application Message to publish. |
[MQTT-4.3.2-2] | In the QoS 1 delivery protocol, the sender MUST send a PUBLISH packet containing this Packet Identifier with QoS 1 and DUP flag set to 0. |
[MQTT-4.3.2-3] | In the QoS 1 delivery protocol, the sender MUST treat the PUBLISH packet as “unacknowledged” until it has received the corresponding PUBACK packet from the receiver. |
[MQTT-4.3.2-4] | In the QoS 1 delivery protocol, the receiver MUST respond with a PUBACK packet containing the Packet Identifier from the incoming PUBLISH packet, having accepted ownership of the Application Message. |
[MQTT-4.3.2-5] | In the QoS 1 delivery protocol, the receiver after it has sent a PUBACK packet the receiver MUST treat any incoming PUBLISH packet that contains the same Packet Identifier as being a new Application Message, irrespective of the setting of its DUP flag. |
[MQTT-4.3.3-1] | In the QoS 2 delivery protocol, the sender MUST assign an unused Packet Identifier when it has a new Application Message to publish. |
[MQTT-4.3.3-2] | In the QoS 2 delivery protocol, the sender MUST send a PUBLISH packet containing this Packet Identifier with QoS 2 and DUP flag set to 0. |
[MQTT-4.3.3-3] | In the QoS 2 delivery protocol, the sender MUST treat the PUBLISH packet as “unacknowledged” until it has received the corresponding PUBREC packet from the receiver. |
[MQTT-4.3.3-4] | In the QoS 2 delivery protocol, the sender MUST send a PUBREL packet when it receives a PUBREC packet from the receiver with a Reason Code value less than 0x80. This PUBREL packet MUST contain the same Packet Identifier as the original PUBLISH packet. |
[MQTT-4.3.3-5] | In the QoS 2 delivery protocol, the sender MUST treat the PUBREL packet as “unacknowledged” until it has received the corresponding PUBCOMP packet from the receiver. |
[MQTT-4.3.3-6] | In the QoS 2 delivery protocol, the sender MUST NOT re-send the PUBLISH once it has sent the corresponding PUBREL packet. |
[MQTT-4.3.3-7] | In the QoS 2 delivery protocol, the sender MUST NOT apply Application Message expiry if a PUBLISH packet has been sent. |
[MQTT-4.3.3-8] | In the QoS 2 delivery protocol, the receiver MUST respond with a PUBREC containing the Packet Identifier from the incoming PUBLISH packet, having accepted ownership of the Application Message. |
[MQTT-4.3.3-9] | In the QoS 2 delivery protocol, the receiver if it has sent a PUBREC with a Reason Code of 0x80 or greater, the receiver MUST treat any subsequent PUBLISH packet that contains that Packet Identifier as being a new Application Message. |
[MQTT-4.3.3-10] | In the QoS 2 delivery protocol, the receiver until it has received the corresponding PUBREL packet, the receiver MUST acknowledge any subsequent PUBLISH packet with the same Packet Identifier by sending a PUBREC. It MUST NOT cause duplicate messages to be delivered to any onward recipients in this case. |
[MQTT-4.3.3-11] | In the QoS 2 delivery protocol, the receiver MUST respond to a PUBREL packet by sending a PUBCOMP packet containing the same Packet Identifier as the PUBREL. |
[MQTT-4.3.3-12] | In the QoS 2 delivery protocol, the receiver After it has sent a PUBCOMP, the receiver MUST treat any subsequent PUBLISH packet that contains that Packet Identifier as being a new Application Message. |
[MQTT-4.3.3-13] | In the QoS 2 delivery protocol, the receiverMUST continue the QoS 2 acknowledgement sequence even if it has applied Application Message expiry. |
[MQTT-4.4.0-1] | When a Client reconnects with Clean Start set to 0 and a session is present, both the Client and Server MUST resend any unacknowledged PUBLISH packets (where QoS > 0) and PUBREL packets using their original Packet Identifiers. This is the only circumstance where a Client or Server is REQUIRED to resend messages. Clients and Servers MUST NOT resend messages at any other time. |
[MQTT-4.4.0-2] | If PUBACK or PUBREC is received containing a Reason Code of 0x80 or greater the corresponding PUBLISH packet is treated as acknowledged, and MUST NOT be retransmitted. |
[MQTT-4.5.0-1] | When a Server takes ownership of an incoming Application Message it MUST add it to the Session State for those Clients that have matching Subscriptions. |
[MQTT-4.5.0-2] | The Client MUST acknowledge any Publish packet it receives according to the applicable QoS rules regardless of whether it elects to process the Application Message that it contains. |
[MQTT-4.6.0-1] | When the Client re-sends any PUBLISH packets, it MUST re-send them in the order in which the original PUBLISH packets were sent (this applies to QoS 1 and QoS 2 messages). |
[MQTT-4.6.0-2] | The Client MUST send PUBACK packets in the order in which the corresponding PUBLISH packets were received (QoS 1 messages). |
[MQTT-4.6.0-3] | The Client MUST send PUBREC packets in the order in which the corresponding PUBLISH packets were received (QoS 2 messages). |
[MQTT-4.6.0-4] | The Client MUST send PUBREL packets in the order in which the corresponding PUBREC packets were received (QoS 2 messages). |
[MQTT-4.6.0-5] | When a Server processes a message that has been published to an Ordered Topic, it MUST send PUBLISH packets to consumers (for the same Topic and QoS) in the order that they were received from any given Client. |
[MQTT-4.6.0-6] | A Server MUST treat every, Topic as an Ordered Topic when it is forwarding messages on Non‑shared Subscriptions. |
[MQTT-4.7.0-1] | The wildcard characters can be used in Topic Filters, but MUST NOT be used within a Topic Name. |
[MQTT-4.7.1-1] | The multi-level wildcard character MUST be specified either on its own or following a topic level separator. In either case it MUST be the last character specified in the Topic Filter. |
[MQTT-4.7.1-2] | The single-level wildcard can be used at any level in the Topic Filter, including first and last levels. Where it is used, it MUST occupy an entire level of the filter. |
[MQTT-4.7.2-1] | The Server MUST NOT match Topic Filters starting with a wildcard character (# or +) with Topic Names beginning with a $ character. |
[MQTT-4.7.3-1] | All Topic Names and Topic Filters MUST be at least one character long. |
[MQTT-4.7.3-2] | Topic Names and Topic Filters MUST NOT include the null character (Unicode U+0000). |
[MQTT-4.7.3-3] | Topic Names and Topic Filters are UTF-8 Encoded Strings; they MUST NOT encode to more than 65,535 bytes. |
[MQTT-4.7.3-4] | When it performs subscription matching the Server MUST NOT perform any normalization of Topic Names or Topic Filters, or any modification or substitution of unrecognized characters. |
[MQTT-4.8.2-1] | A Shared Subscription's Topic Filter MUST start with $share/ and MUST contain a ShareName that is at least one character long. |
[MQTT-4.8.2-2] | The ShareName MUST NOT contain the characters "/", "+" or "#", but MUST be followed by a "/" character. This "/" character MUST be followed by a Topic Filter. |
[MQTT-4.8.2-3] | The Server MUST respect the granted QoS for the Clients subscription. |
[MQTT-4.8.2-4] | The Server MUST complete the delivery of the message to that Client when it reconnects. |
[MQTT-4.8.2-5] | If the Clients Session terminates before the Client reconnects, the Server MUST NOT send the Application Message to any other subscribed Client. |
[MQTT-4.8.2-6] | If a Client responds with a PUBACK or PUBREC containing a Reason Code of 0x80 or greater to a PUBLISH packet from the Server, the Server MUST discard the Application Message and not attempt to send it to any other Subscriber. |
[MQTT-4.9.0-1] | The Client or Server MUST set its initial send quota to a non-zero value not exceeding the Receive Maximum. |
[MQTT-4.9.0-2] | Each time the Client or Server sends a PUBLISH packet at QoS > 0, it decrements the send quota. If the send quota reaches zero, the Client or Server MUST NOT send any more PUBLISH packets with QoS > 0. |
[MQTT-4.9.0-3] | The Client and Server MUST continue to process and respond to all other MQTT Control Packets even if the quota is zero. |
[MQTT-4.12.0-1] | If the Server does not support the Authentication Method supplied by the Client, it MAY send a CONNACK with a Reason Code of 0x8C (Bad authentication method) or 0x87 (Not Authorized) as described in section 4.13 and MUST close the Network Connection. |
[MQTT-4.12.0-2] | If the Server requires additional information to complete the authorization, it can send an AUTH packet to the Client. This packet MUST contain a Reason Code of 0x18 (Continue authentication). |
[MQTT-4.12.0-3] | The Client responds to an AUTH packet from the Server by sending a further AUTH packet. This packet MUST contain a Reason Code of 0x18 (Continue authentication). |
[MQTT-4.12.0-4] | The Server can reject the authentication at any point in this process. It MAY send a CONNACK with a Reason Code of 0x80 or above as described in section 4.13, and MUST close the Network Connection. |
[MQTT-4.12.0-5] | If the initial CONNECT packet included an Authentication Method property then all AUTH packets, and any successful CONNACK packet MUST include an Authentication Method Property with the same value as in the CONNECT packet. |
[MQTT-4.12.0-6] | If the Client does not include an Authentication Method in the CONNECT, the Server MUST NOT send an AUTH packet, and it MUST NOT send an Authentication Method in the CONNACK packet. |
[MQTT-4.12.0-7] | If the Client does not include an Authentication Method in the CONNECT, the Client MUST NOT send an AUTH packet to the Server. |
[MQTT-4.12.1-1] | If the Client supplied an Authentication Method in the CONNECT packet it can initiate a re-authentication at any time after receiving a CONNACK. It does this by sending an AUTH packet with a Reason Code of 0x19 (Re-authentication). The Client MUST set the Authentication Method to the same value as the Authentication Method originally used to authenticate the Network Connection. |
[MQTT-4.12.1-2] | If the re-authentication fails, the Client or Server SHOULD send DISCONNECT with an appropriate Reason Code and MUST close the Network Connection. |
[MQTT-4.13.1-1] | When a Server detects a Malformed Packet or Protocol Error, and a Reason Code is given in the specification, it MUST close the Network Connection. |
[MQTT-4.13.2-1] | The CONNACK and DISCONNECT packets allow a Reason Code of 0x80 or greater to indicate that the Network Connection will be closed. If a Reason Code of 0x80 or greater is specified, then the Network Connection MUST be closed whether or not the CONNACK or DISCONNECT is sent. |
[MQTT-6.0.0-1] | MQTT Control Packets MUST be sent in WebSocket binary data frames. If any other type of data frame is received the recipient MUST close the Network Connection. |
[MQTT-6.0.0-2] | A single WebSocket data frame can contain multiple or partial MQTT Control Packets. The receiver MUST NOT assume that MQTT Control Packets are aligned on WebSocket frame boundaries. |
[MQTT-6.0.0-3] | The Client MUST include “mqtt” in the list of WebSocket Sub Protocols it offers. |
[MQTT-6.0.0-4] | The WebSocket Subprotocol name selected and returned by the Server MUST be “mqtt”. |
Appendix C. Summary of newfeatures in MQTT v5.0 (non-normative)
The following new features are added to MQTT v5.0
· Session expiry
Split the Clean Session flag into a Clean Start flag whichindicates that the session should start without using an existing session, anda Session Expiry interval which says how long to retain the session after adisconnect. The session expiry interval can be modified at disconnect. Settingof Clean Start to 1 and Session Expiry Interval to 0 is equivalent in MQTT v3.1.1of setting Clean Session to 1.
· Message expiry
Allow an expiry interval to be set when a message ispublished.
· Reason code on all ACKs
Change all response packets to contain a reason code. Thisinclude CONNACK, PUBACK, PUBREC, PUBREL, PUBCOMP, SUBACK, UNSUBACK, DISCONNECT,and AUTH. This allows the invoker to determine whether the requested functionsucceeded.
· Reason string on all ACKs
Change most packets with a reason code to also allow anoptional reason string. This is designed for problem determination and is notintended to be parsed by the receiver.
· Server disconnect
Allow DISCONNECT to be sent by the Server to indicate thereason the connection is closed.
· Payload format and content type
Allow the payload format (binary, text) and a MIME stylecontent type to be specified when a message is published. These are forwardedon to the receiver of the message.
· Request / Response
Formalize the request/response pattern within MQTT andprovide the Response Topic and Correlation Data properties to allow responsemessages to be routed back to the publisher of a request. Also, add the abilityfor the Client to get configuration information from the Server about how toconstruct the response topics.
· Shared Subscriptions
Add shared subscription support allowing for load balancedconsumers of a subscription
· Subscription ID
Allow a numeric subscription identifier to be specified ona SUBSCRIBE, and returned on the message when it is delivered. This allows theClient to determine which subscription or subscriptions caused the message tobe delivered.
· Topic Alias
Decrease the size of the MQTT packet overhead by allowingthe topic name to be abbreviated to a small integer. The Client and Serverindependently specify how many topic aliases they allow.
· Flow control
Allow the Client and Server to independently specify thenumber of outstanding reliable messages (QoS>0) they allow. The sender pausessending such messages to stay below this quota. This is used to limit the rateof reliable messages, and to limit how many are in flight at one time.
· User properties
Add User Properties to most packets. User properties onPUBLISH are included with the message and are defined by the Clientapplications. The user properties on PUBLISH and Will Properties are forwardedby the Server to the receiver of the message.Userproperties on the CONNECT, SUBSCRIBE, and UNSUBSCRIBE packets are defined bythe Server implementation. The user properties on CONNACK PUBACK, PUBREC,PUBREL, PUBCOMP, SUBACK, UNSUBACK and AUTH packets are defined by the sender,and are unique to the sender implementation. The meaning of user properties isnot defined by MQTT.
· Maximum Packet Size
Allow the Client and Server to independently specify themaximum packet size they support. It is an error for the session partner tosend a larger packet.
· Optional Server feature availability
Define a set of features which the Server does not allowand provide a mechanism for the Server to specify this to the Client. Thefeatures which can be specified in this way are: Maximum QoS, Retain Available,Wildcard Subscription Available, Subscription Identifier Available, and SharedSubscription Available. It is an error for the Client to use features that theServer has declared are not available.
It is possible in earlier versions of MQTT for a Server tonot implement a feature by declaring that the Client is not authorized for thatfunction. This feature allows such optional behavior to be declared and addsspecific Reason Codes when the Client uses one of these features anyway.
· Enhanced authentication
Provide a mechanism to enable challenge/response style authenticationincluding mutual authentication. This allows SASL style authentication to beused if supported by both Client and Server, and includes the ability for aClient to re-authenticate within a connection.
· Subscription options
Provide subscription options primarily defined to allow formessage bridge applications. These include an option to not send messagesoriginating on this Client (noLocal), and options for handling retainedmessages on subscribe.
· Will delay
Add the ability to specify a delay between the end of theconnection and sending the will message. This is designed so that if aconnection to the session is re-established then the will message is not sent.This allows for brief interruptions of the connection without notification toothers.
· Server Keep Alive
Allow the Server to specify the value it wishes the Clientto use as a keep alive. This allows the Server to set a maximum allowedkeepalive and still have the Client honor it.
· Assigned ClientID
In cases where the ClientID is assigned by the Server,return the assigned ClientID. This also lifts the restriction that Serverassigned ClientIDs can only be used with Clean Session=1 connections.
· Server reference
Allowthe Server to specify an alternate Server to use on CONNACK or DISCONNECT. Thiscan be used as a redirect or to do provisioning.
