文档反馈官招募中,报名立赚积分兑换代金券!> HOT
文档中心>消息队列 MQTT 版>开发指南>MQTT over QUIC

MQTT over QUIC

最近更新时间:2025-09-22 10:39:43

我的收藏

本页目录:

背景介绍

MQTT 协议仅需要传输层提供有序、无损、双向的通信。
The MQTT protocol requires an underlying transport that provides an ordered, lossless, stream of bytes from the Client to Server and Server to Client.

QUIC 协议能够满足 MQTT 对传输层要求,作为 HTTP 3.0 的传输层协议,它有以下关键特性:
更低延迟:QUIC设计融合了 TLS,实现了 0-RTT 等特性,有更低的连接延迟。
多路复用:QUIC 基于 UDP 实现,多个 stream 之间没有 TCP 的 head-of-line-blocking 问题。
连接迁移:QUIC 使用 Connection ID 维护会话,当五元组发生变更,可以通过连接迁移恢复会话,避免业务层有状态协议会话如 MQTT Session 会话重建。
弱网支持:更优秀的丢包处理算法、拥塞算法,让QUIC 更适合弱网环境使用。


MQTT over QUIC

注意:
MQTT over QUIC 目前仅提供实验性支持,不建议使用在生产环境。

接入点

协议
端口
ALPN
QUIC
14567
mqtt

示例

OpenSSL
openssl s_client -quic -connect mqtt-xxx.mqtt.tencenttdmq.com:14567 -alpn mqtt
样例输出
(base) ➜  rocketmq-mqtt git:(develop) ✗ openssl s_client -quic -connect mqtt-xxx.mqtt.tencenttdmq.com:14567 -alpn mqtt
Connecting to 127.0.0.1
CONNECTED(00000003)
depth=2 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
verify return:1
depth=1 C=CN, O=WoTrus CA Limited, CN=WoTrus DV Server CA  [Run by the Issuer]
verify return:1
depth=0 CN=*.mqtt.tencenttdmq.com
verify return:1
---
Certificate chain
 0 s:CN=*.mqtt.tencenttdmq.com
   i:C=CN, O=WoTrus CA Limited, CN=WoTrus DV Server CA  [Run by the Issuer]
   a:PKEY: RSA, 2048 (bit); sigalg: sha256WithRSAEncryption
   v:NotBefore: Apr  3 00:00:00 2025 GMT; NotAfter: May  3 23:59:59 2026 GMT
 1 s:C=CN, O=WoTrus CA Limited, CN=WoTrus DV Server CA  [Run by the Issuer]
   i:C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
   a:PKEY: RSA, 2048 (bit); sigalg: sha384WithRSAEncryption
   v:NotBefore: Jan  8 00:00:00 2020 GMT; NotAfter: Jan  7 23:59:59 2030 GMT
 2 s:C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
   i:C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
   a:PKEY: RSA, 4096 (bit); sigalg: sha384WithRSAEncryption
   v:NotBefore: Mar 12 00:00:00 2019 GMT; NotAfter: Dec 31 23:59:59 2028 GMT
 3 s:C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
   i:C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
   a:PKEY: RSA, 2048 (bit); sigalg: sha1WithRSAEncryption
   v:NotBefore: Jan  1 00:00:00 2004 GMT; NotAfter: Dec 31 23:59:59 2028 GMT
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGPDCCBSSgAwIBAgIRAOk884vcqqt0VUZvXONQjUIwDQYJKoZIhvcNAQELBQAw
XDELMAkGA1UEBhMCQ04xGjAYBgNVBAoTEVdvVHJ1cyBDQSBMaW1pdGVkMTEwLwYD
VQQDDChXb1RydXMgRFYgU2VydmVyIENBICBbUnVuIGJ5IHRoZSBJc3N1ZXJdMB4X
...
G2RXytk2VY7FtvKNEc7x5YXLmz4AbRXrSapESXD47g5/0Q6OBohZCKBE5WuieIkG
AVL9lPHd3MdTLZ9do2xs/4m8EvDGv4Nlo0ORsEykU9gyvRVlN+fcVQwMhI6Y7kms
IpzYem8HiB8rfQCr7sMlLw==
-----END CERTIFICATE-----
subject=CN=*.mqtt.tencenttdmq.com
issuer=C=CN, O=WoTrus CA Limited, CN=WoTrus DV Server CA  [Run by the Issuer]
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: rsa_pss_rsae_sha256
Peer Temp Key: X25519, 253 bits
---
SSL handshake has read 0 bytes and written 0 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Protocol: QUICv1
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
ALPN protocol: mqtt
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: 
    Session-ID-ctx: 
    Resumption PSK: 
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1757900693
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0

使用限制

1. 仅支持 IETF RFC9000 QUIC,不支持早期 gQUIC;
2. 由于目前 MQTT over QUIC 还在实验性支持阶段,连接迁移还未完整支持。
中国站
目录