Mosquitto: Complete Definition and Guide

What is Mosquitto?

Eclipse Mosquitto is an open-source message broker that implements the MQTT (Message Queuing Telemetry Transport) protocol. Developed under the Eclipse Foundation, Mosquitto has become the reference for deploying lightweight MQTT brokers, whether on a Raspberry Pi, a Linux server, or in a Docker container. Its minimal memory footprint — just a few megabytes in operation — makes it particularly suited for edge computing deployments and resource-constrained environments.

The MQTT protocol operates on a publish/subscribe model: IoT devices publish messages to topics, and subscribers automatically receive messages from the topics they have subscribed to. Mosquitto acts as the intermediary (broker) that receives all published messages, filters topics, and redistributes messages to the relevant subscribers. This decoupling between data producers and consumers is fundamental to scalable IoT architectures.

Mosquitto supports all three MQTT Quality of Service (QoS) levels: QoS 0 (at most once), QoS 1 (at least once), and QoS 2 (exactly once). It also offers password authentication, TLS/SSL encryption, broker bridging, and message persistence for disconnected clients. These features make it a complete solution for securing and ensuring reliable IoT communications in production.

Why Mosquitto Matters

In the IoT ecosystem, the choice of MQTT broker is critical for the reliability, scalability, and security of the entire communication infrastructure. Mosquitto holds a central position for several reasons.

• Lightweight and performant: Mosquitto can handle tens of thousands of simultaneous connections with a memory footprint under 50 MB. This efficiency allows deployment both at the edge (on a LoRaWAN gateway) and in a central cloud.
• Open source and community: licensed under EPL/EDL, Mosquitto benefits from an active community and regular maintenance by the Eclipse Foundation. No dependency on a proprietary vendor.
• MQTT standard: by faithfully implementing the MQTT protocol, Mosquitto guarantees interoperability with the entire ecosystem — Paho clients, Python libraries, Arduino, ESP32, mobile applications, and cloud platforms.
• Flexible deployment: available as native packages for Linux, macOS, and Windows, as an official Docker image, and integrable into Kubernetes architectures. Mosquitto adapts to all deployment topologies.
• Built-in security: TLS/SSL support for encrypted communications, client certificate authentication, and granular ACLs (Access Control Lists) by topic and user.

How It Works

Mosquitto operates as a server listening on port 1883 (unencrypted MQTT) or 8883 (MQTT over TLS). IoT clients connect to the broker, authenticate, then can publish messages to hierarchical topics (e.g., building/floor1/temperature) or subscribe to topic patterns (e.g., building/+/temperature to receive all temperatures from all floors).

When a sensor publishes a message, Mosquitto receives it, checks the ACLs, identifies matching subscribers, and redistributes the message to them. If a subscriber is temporarily disconnected and has established a persistent session, Mosquitto stores pending messages and delivers them upon reconnection. This persistence mechanism is essential for IoT networks where connectivity may be intermittent.

Mosquitto configuration is done through a mosquitto.conf file that defines listeners (ports), protocols, TLS certificate files, authentication backends, and ACL rules. For distributed deployments, Mosquitto supports bridging: multiple Mosquitto instances can relay messages to each other, creating a network of brokers that extends geographic coverage or segments data domains.

Additionally, Mosquitto includes two command-line utilities — mosquitto_pub and mosquitto_sub — essential for testing and debugging MQTT flows during development.

Concrete Example

At KERN-IT, Mosquitto is a key component of our IoT architectures. For the R-fit connected fitness machine project, each device sends its sensor data (power, cadence, heart rate) via MQTT to a Mosquitto broker deployed in a Docker container. The broker redistributes this data in real-time to our Python backend (Flask or Django depending on the project), which persists it in the database, and simultaneously to dashboards displaying users' instant metrics.

For network monitoring projects like Venn Telecom, Mosquitto receives performance metrics from SD-WAN equipment deployed at client sites. LoRaWAN gateways collect field data and transmit it via MQTT to our central platform. Thanks to QoS 1, we guarantee that no critical alert is lost, even during temporary network disruptions. The entire stack — Mosquitto, Python, PostgreSQL, Grafana — forms a reliable and performant IoT data processing chain.

Implementation

1. Installation: deploy Mosquitto via Docker (docker run -p 1883:1883 eclipse-mosquitto), system packages, or a managed cloud service. Prefer Docker for environment reproducibility.
2. Security: configure TLS with a Let's Encrypt certificate, enable password or client certificate authentication, and define topic-based ACLs to segment access.
3. Topic architecture: design a logical and extensible topic hierarchy. For example: {project}/{device_id}/{sensor_type}. Avoid topics that are too flat or too deeply nested.
4. QoS selection: use QoS 0 for frequent telemetry data, QoS 1 for alerts and commands, and QoS 2 only for critical non-idempotent actions.
5. Monitoring: enable the $SYS/# system topic to monitor Mosquitto internal metrics (connection count, messages per second, memory usage).
6. Backend integration: connect the broker to your Python application using the Paho MQTT library to consume messages and persist them in the database.

Related Technologies and Tools

• MQTT: the lightweight messaging protocol that Mosquitto implements, the de facto standard for IoT.
• Docker: containerization for deploying and managing Mosquitto instances reproducibly.
• Python (Paho MQTT): MQTT client library for connecting Python applications to the Mosquitto broker.
• PostgreSQL / TimescaleDB: databases for persisting received MQTT messages, especially time-series sensor data.
• Grafana: visualization of IoT data collected via Mosquitto and stored in the database.
• LoRaWAN: long-range, low-power network whose gateways often transmit data via MQTT to a Mosquitto broker.

Conclusion

Eclipse Mosquitto is the reference MQTT broker for IoT projects demanding lightweight operation, reliability, and deployment flexibility. Its MQTT standard compliance, small memory footprint, and security features make it a natural choice for connecting sensors to the cloud, LoRaWAN gateways to data platforms, or network equipment to supervision systems. At KERN-IT, we deploy Mosquitto at the heart of our IoT architectures, integrating it with Python, PostgreSQL, and Grafana to build performant and scalable connected data platforms for our Belgian clients.