Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

Load Balancing MQTT Connections





The Message Queuing Telemetry Transport Protocol (MQTT) is a lightweight open messaging protocol that provides low-bandwidth clients with a simple way to distribute telemetry information. The protocol employs a publish/subscribe communication pattern, which can be load balanced on the LoadMaster to multiple MQTT Broker servers/publishers.


Product: Any

Version: Any

Platform: Any

Application: MQTT Applications

Question/Problem Description:

How to configure a Virtual Service on the LoadMaster for load balancing MQTT Connections.

Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  

The standard TCP ports required are port 1883 for non-encrypted communication and port 8883 for encrypted communication, which leverages Secure Sockets Layer (SSL)/Transport Layer Security (TLS). It would be recommended to consult the MQTT application vendor for clarity on port configurations and SSL/TLS compatibility before continuing.

Here are the steps involved for creating a non-encrypted Virtual Service over TCP port 1883, with the real servers also listening on TCP port 1883 on the LoadMaster:

  1. Create a new Virtual Service on the LoadMaster under Virtual Services > Add New.
  2. Enter an available IP address under Virtual Address, enter 1883 under Port, give a Service Name (Optional) and ensure that TCP is selected as the Protocol. Click Add this Virtual Service once completed. Below is an example of this configuration: mceclip0.png
  3. The Service Type should be preset as "Generic". Under Standard Options > Server Initiating Protocols set this to "Other Server Initiating" as below: mceclip1.png
  4. Navigate to the Real Servers section at the end, and add the servers on port 1883 by clicking Add New. Once the servers have been added, ensure the Real Server Check Method is set to "TCP Connection Only" and the Checked Port is set to "1883" as below: mceclip2.pngIf configured correctly, both servers should be in an "Up" state and passing their health checks. If not, please ensure that port 1883 is open on the servers and that all respective firewalls are allowing the communications between the LoadMaster and servers on this port.

For creating an SSL/TLS pass-through encrypted Virtual Service, repeat the steps above but instead use TCP port 8883 on the Virtual Service and on the real servers.


More Information on the MQTT Protocol:

Creating a Virtual Service on LoadMaster:

Was this article helpful?
0 out of 0 found this helpful