Connecting to mqtt broker failed

Hey,

during the quick installation I get an error after starting the LoRaserver.

I installed everything on a Raspberry Pi 3 with Raspbian Stretch.

When I type journalctl -u loraserver i get the following errormessage:

time=“2017-11-30T07:50:14+01:00” level=error msg=“backend/gateway: connecting to mqtt broker failed, will retry in 2s: Identifier rejected”

Steps so far:

Mosquitto configuration:

I added users:
sudo mosquitto_passwd /etc/mosquitto/pwd loragw
sudo mosquitto_passwd /etc/mosquitto/pwd loraserver
sudo mosquitto_passwd /etc/mosquitto/pwd loraappserver

With passwords:
mypassword1 for loragw
mypassword2 for loraserver
mypassword3 for loraappserver

PostgreSQL databases and users:

create role loraserver_as with login password ‘dbpassword’;
create role loraserver_ns with login password ‘dbpassword’;

create database loraserver_as with owner loraserver_as;
create database loraserver_ns with owner loraserver_ns;

Installing LoRa Gateway Bridge:

In the configuration file i only set UDP_BIND=0.0.0.0:1700

Installing LoRa Server:

Because I live in the EU i did set BAND=EU_863_870

BIND=localhost:8000

POSTGRES_DSN=postgres://loraserver_ns:dbpassword@localhost/loraserver_ns?sslmode=disable

I did not set GW_MQTT_USERNAME and GW_MQTT_PASSWORD

GW_SERVER_JWT_SECRET=openssl rand -base64 32

And now after starting the LoRa server and executing the journalctl -u loraserver command I get the error mentioned above.

I know in the guide it says

Note that you may see errors at this point along the lines of: error message

But my error doesnt look like that at all so I guessed it was not normal.

Can you help me ?

Cheers

It seems that you did setup MQTT users and passwords. Make sure you configure these also in the LoRa Gateway Bridge, LoRa Server and LoRa App Server configurations. See:

https://docs.loraserver.io/lora-gateway-bridge/install/config/
https://docs.loraserver.io/loraserver/install/config/
https://docs.loraserver.io/lora-app-server/install/config/

But do I have to set the username and password? In the configuration file it says (optional).

If I have to set a user what is the right user to set? Is it the loragw user ? Because in the /etc/default/loraserver file it says GW_MQTT_USERNAME and GW_MQTT_PASSWORD. In the /etc/default/lora-gateway-bridge file it says MQTT_USERNAME and MQTT_PASSWORD.

Cheers

Mosquitto / MQTT username and passwords are optional, but they become mandatory when you setup Mosquitto (or any other MQTT broker) to use user credentials :slight_smile: You could also (re)configure Mosquitto so that anonymous connections are allowed. You could use the mosquitto_sub command for testing from the command-line.

Ah ok :smiley:.
Sorry but I’m not quiet sure how to do this. Can you make an example for me please :sweat: ?
Where to put the credentials and how to do it exactly? It would be greatly appreciated :blush:.

Cheers

Can you make an example for the above mentioned?

You’ll find the complete mosquitto_sub documentation + some mosquitto_sub commands here: https://mosquitto.org/man/mosquitto_sub-1.html :slight_smile:

Hi,

I have the same error.
Do you solved it?
How to solved if?
Thank you.
mosquitto日志
This is mosquitto log.

Hi niushaolong,

no I did not solve my problem but I dont work on this at the moment. My spare time the last months was nearly 0 :smiley:.

Your problem is different than mine.

I am not a Linux everyday user but it looks like you have a problem with your file Permissions (maybe) ???

Maybe @brocaar can give you better inside on this

Cheers

Hello,
I need some help please.
The lora gateway installed on my gateway bridge is may be old … and as i can see it’s a binary file that i start like this:

  • /home/root/lora-gateway-bridge/bin/lora-gateway-bridge --udp-bind $UDP_HOST:$UDP_PORT --mqtt-server ssl://$MQTT_HOST:$MQTT_PORT mqtt-ca-cert $CERT --mqtt-username $USERNAME --mqtt-password $PASSWORD #2>&1 | $LOGGER &

I’m trying to connect to my remote mosquitto over tls, so from the physical gateway where is installed my gateway bridge to my mosquitto server and i got this error when i display status of my gateway bridge service:

  • Nov 30 17:19:38 lora-gateway-1 01-lora-gw-bridge-start.sh[1470]: time=“2018-11-30T17:19:38Z” level=info msg=“backend: connecting to mqtt broker” server=“ssl://<my_domain_name>:8883”
    Nov 30 17:19:38 lora-gateway-1 01-lora-gw-bridge-start.sh[1470]: time=“2018-11-30T17:19:38Z” level=error msg=“could not setup mqtt backend, retry in 2 seconds: Identifier rejected”

And on cloud side, where i’m using an nginx server to redirect locally (1883) all mqtt connection on port 8883, this error:

  • mosquitto_1 | 1543598376: New connection from 172.28.0.4 on port 1883.
    mosquitto_1 | 1543598376: Socket error on client , disconnecting.

An other point, the version of my gateway bridge is below:

Thanks a lot for your help …

What’s you mosquitto version? Have you tried connecting manually (e.g., with mosquitto_sub) from the gateway? Are you setting the client id?

This is an extract from latest mosquitto’s handle_connect.c and is the only place where the Identifier rejected error is thrown:

if(packet__read_string(&context->in_packet, &client_id, &slen)){
		rc = 1;
		goto handle_connect_error;
	}

	if(slen == 0){
		if(context->protocol == mosq_p_mqtt31){
			send__connack(context, 0, CONNACK_REFUSED_IDENTIFIER_REJECTED);
			rc = MOSQ_ERR_PROTOCOL;
			goto handle_connect_error;
		}else{ /* mqtt311 */
			mosquitto__free(client_id);
			client_id = NULL;

			bool allow_zero_length_clientid;
			if(db->config->per_listener_settings){
				allow_zero_length_clientid = context->listener->security_options.allow_zero_length_clientid;
			}else{
				allow_zero_length_clientid = db->config->security_options.allow_zero_length_clientid;
			}
			if(clean_session == 0 || allow_zero_length_clientid == false){
				send__connack(context, 0, CONNACK_REFUSED_IDENTIFIER_REJECTED);
				rc = MOSQ_ERR_PROTOCOL;
				goto handle_connect_error;
			}else{
				if(db->config->per_listener_settings){
					client_id = client_id_gen(db, &slen, context->listener->security_options.auto_id_prefix, context->listener->security_options.auto_id_prefix_len);
				}else{
					client_id = client_id_gen(db, &slen, db->config->security_options.auto_id_prefix, db->config->security_options.auto_id_prefix_len);
				}
				if(!client_id){
					rc = MOSQ_ERR_NOMEM;
					goto handle_connect_error;
				}
			}
		}
	}

The error is thrown when the packet is empty and either the protocol version is mismatched (3.1 vs 3.1.1), or the client id is not set (has length 0) or clean session is 0. Maybe with this and checking the things I mentioned you can find your issue.

Hello,
Thanks for your reply … i’m working on that.
Without tls when i try to connect to 1883 mqtt port, it works. But when i try over tls to 8883 port, i got this error.
My mosquitto version is 1.5.3 as displayed by ‘mosquitto -v’ command.
When i use a mosquitto_sub command, i got tls error or “:ssl3_get_server_certificate:certificate verify failed”.
The most strange is that works when i test it with self signed certificate.
Certificate and key are ok because i use them for https. They are generated by a trusted authority.

Hi guys!

i’ve HA configuration with 3 replica of network and application server. All of these are in kubernetes and they are connected to VerneMQ. I setup allow_multiple_session=yes. All have the same username and password, but after a while i got this error
time=“2020-02-13T10:50:14+01:00” level=error msg=“backend/gateway: connecting to mqtt broker failed, will retry in 2s: Identifier rejected”
and i need to reboot the instances.

The parameters clean_session is set on true and the client_id is empty.

Network server version: 3.7.0-3-gff04ae9
Application server version: 3.8.0-3-g11f56ca

Could you help me please @brocaar? Thanks

We use VerneMQ in Kubernetes (and are looking to move away from it in the next 6mo, but that’s another story). Our experience has been that it does very poorly with anonymous IDs, and you’ll have much better reliability if you pass it unique client IDs (I believe we generate these from the pods). We also avoid allow_multiple_session, and I think their docs recommend not using it, if I recall correctly.

So i need to create a configuration file for each pod to pass different client id. Such boring but ok thanks @bconway.

Could i ask you why you want to move away from vernemq? Thanks