MQTT instant messaging protocol is a protocol for networking applications thereof, using TCP / IP to provide network connectivity, a message mask transmission can be realized, loads the contents of the small overhead, can effectively reduce the network traffic. MQTT internet protocol for devices and usage scenarios need to keep the long link, may be implemented MQTT characterized unicast and multicast messages between devices may not be dependent on other services (service command issued, push services, etc.) to achieve device to allow application server mode to real device management and control.
Because of these characteristics have MQTT protocol, the most widely written agreement of each of Things cloud platform support now, Baidu, Ali, Amazon, OneNet other domestic things cloud service providers support this protocol, so developers do things of course, it is necessary to learn and understand about the agreement. Then we have to MQTT access protocol OneNET example, a newsletter to learn about the agreement.
Hardware connection environment: Monoceros mini development board connected to the PC's USB port with STlink
Software development environment: Keil MDK5.25 edit Monoceros mini development board official routine " 6.ESP8266-MQTT_TYPE3-LED "
Network environment: PC machine Ethernet card to connect the router to access the Internet, Windows10 establish wireless LAN hotspots, ESP8266 Monoceros development board through the hot spot to access the Internet.
Packet capture tool: Wireshart crawl Ethernet packets, set the filter conditions "ip.addr == 183.230.40.39", show only packets with OneNET MQTT server communication.
Simulator: simulate-device.exe, can be simulated on a PC embedded communications equipment.
Reference document: OneNET MQTT official document: " MQTT.docx ", MQTT Chinese document MQTT.PDF
Interaction: the connection weights Kam, data reporting, issued command, disconnected.
First, the connection weights Kam
First, modify the parameters of routine official information, the name and password into a WiFi wireless network card using a PC simulation of hotspot network, OneNET server's IP address and port number to ensure "183.230.40.39" and "6002", onenet.c the pROID, DEVID, AUTH_INFO modify the real value of the project.
Compile and download the program to the Monoceros Mini Development board, using Wireshark on the PC began to crawl Ethernet packets, set the filter conditions "ip.addr == 183.230.40.39", show only packets with OneNET MQTT server communication . To develop electric board Monoceros, wait a few seconds, you can see the packets Boards and server communication OneNET up.
Three frame packet information three-way handshake to establish a TCP connection to the server OneNET Boards and, after the development board to establish a TCP connection command sent ESP8266, ESP8266 automatically established between the server.
The fourth to fifth frames transmitted authentication information and the service area of the seat boards Kirin item OneNET response packet. The sixth and seventh frames are OneNET frame returned by the server authentication result information and ESP8266 response.
In the above process, we as a developer device side, only need to know the authentication server and authentication information to send the results of the sixth frame of the fourth frame of the return on it.
Next, a fourth key frame data analysis, a total of 114 times the frame data bytes, removing the Ethernet header 14 Bytes, IP header 20 bytes, 20 bytes of TCP header, TCP payload remaining 60 bytes in total.
The MQTT predetermined protocol packet, each packet contains a total of three parts MQTT:
1, Fixed Header portion is defined as follows:
The capture of data, the first byte of the TCP payload is 0x10, the correspondence table can be known, MQTT Packet Type value of 1, the name of CONNECT, the function of which is to establish a connection with the client requests the server. Its second byte is the table 0x3a Remaining Length field, the length of the packet.
根据MQTT协议规定,剩余长度(Remaining Length)表示当前报文剩余部分的字节数,包括可变报头和负载的数据。剩余长度不包括用于编码剩余长度字段本身的字节数。0x3a为十进制的58,这个数正好是TCP负载的60字节减去固定报头的两个字节长度。至于如何判断剩余长度占用的字节数,MQTT协议是这么规定的:
剩余长度字段使用一个变长度编码方案,对小于128的值它使用单字节编码。更大的值按下面的方式处理。低7位有效位用于编码数据,最高有效位用于指示是否有更多的字节。因此每个字节可以编码128个数值和一个延续位(continuation bit)。剩余长度字段最大4个字节。
根据以上定义,0x3a的二进制最高位为0,可以判定数据长度为1字节。
固定报头的部分分析完成后,根据下表进行判断:
2、CONNECT类型的消息是有可变报头和负载的。对于可变报头部分,按照以下格式编码:
对照抓包数据:
其中byte1-byte6是固定值,表格与数据完全对应。Byte7表示MQTT协议版本,这个必须固定为4,即3.1.1版,OneNET只支持这一版本协议,不支持更早版本的协议。
在Byte8中,user flag与password flag平台不允许匿名登陆,因此这两个标志位在连接时必须设置为1,否则认为协议错误,平台将会断开连接。所以该字节数据为0xC0。
Byte9-10为保持连接(Keep Alive),是一个以秒为单位的时间间隔,表示为一个16位的字,它是指在客户端传输完成一个控制报文的时刻到发送下一个报文的时刻,两者之间允许空闲的最大时间间隔。如果保持连接的值非零,并且服务端在一点五倍的保持连接时间内没有收到客户端的控制报文,它必须断开客户端的网络连接,认为网络连接已断开。OneNET规定最短120秒,最长65535秒,这里设置的事0x0100,也就是256秒。
3、负载部分
负载部分的数据是按照以下格式编码
对照数据:
0x0008为域一的字符串长度,这里是8字节,内容为ASCII码的“31421353”,正好是源码中DEVID,也就是设备ID(DeviceID);0x0006为域二的字符串长度,这里是6字节,内容为ASCII码的“141215”,正好是源码中PROID,也就是产品ID(ProduceID);0x001C为域三的字符串长度,这里是28字节,内容为ASCII码的”dpsO9ruH0aTZublG9g5SvBtFSEQ=”,正好是源码中AUTH_INFO,也就是产品ID(AuthInfo);
至此,上传的鉴权信息就分析完毕了,服务器接收到鉴权信息后首先会有一个应答包,同时进行鉴权,鉴权完毕后会下发结果给客户端:
鉴权结果同样采用TCP传输,总共60个字节,除去以太网头、IP头、TCP头共计54字节,还剩余60字节,其中有效TCP负载为4字节,其后面的两个字节为TCP数据包需要四字节对齐所补充的无效数据。
服务器返回的鉴权结果同样遵循MQTT包规则,首先是固定报头,根据上文表格0x20表示服务器确认连接,0x02表示后面跟随两字节有效数据,这里就是可变报头了。
可变报头规则如下:
根据返回的数据为0x0000,表示鉴权成功了。
二、数据上报
数据上报过程其实就是TCP通讯过程,每一次上报数据需要三帧,分别是数据上报,服务器确认,客户端确认,其中只需要了解数据上报帧就可以了。
在数据上报帧中,总计有121字节,除去以太网头、IP头、TCP头共计54字节,TCP有效字节数为67字节。
1、固定报头
根据MQTT协议规定的上传报文中的固定报头格式如下:
对照抓取的数据,TCP负载第一个字节0x32中的“3”表示上传数据报文,其中的“2”表示QoS值为1。
根据MQTT协议中服务质量定义表格如下:
对照表格,表示QoS值为1,即至少分发一次。
TCP负载的第二字节的0x41表示后面数据长度为65字节。
2、可变报头
其报文格式如下:
对照抓取数据:
0x0003为域一的两字节字符串长度,这里为3个字节,内容为主题名,这里为ASCII码的”$dp”,OneNET规定,”$dp”为系统上传数据点的指令。
接下来的0x000a为报文标识符(PacketIdentifier),因为之前QoS值选用的1,所以这两个字节在这里是必须的,固定为10,也就是0x000a。
3、负载
Payload包含真正的数据点内容,支持的格式如下:
对照抓取的数据:
负载的第一个字节为0x03,即Type=3,根据类型3的说明:
类型3说明后面个数据是JSON格式2的字符串,后面两个字节0x0037表示字符串的长度为55。
最后的55个字节就是上传的数据了,内容为55个ASCII码:
{"Red_Led":1,"Green_Led":1,"Yellow_Led":1,"Blue_Led":1}
这里表示上传了代表Led灯状态的四个数据流以及对应的值,OneNET服务器就会解析数据流并保存数据了。
三、命令下发
通过抓取数据包,命令下发过程需要四帧完成。
根据MQTT协议,四帧分别是服务器命令下发,客户端应答,客户端命令回复,服务器端应答。所以我们只需要了解服务器命令下发帧和客户端命令回复帧即可。
根据抓取到的数据,服务器命令下发帧总计108字节,其中TCP负载为54字节。
固定报头中的0x30表示发布消息,0x34表示后续内容有52字节。
可变报头部分数据格式如下:
The data fetch, 0002a string representing a length of 42 bytes, the contents of the string of ASCII code "$ creq / e8b6c9b6-225b-57dc-abaa-246ba58761d8". Wherein "$ Creq" flag is issued instruction system, "/" as the separator, the subsequent "e8b6c9b6-225b-57dc-abaa-246ba58761d8" instructions for UUID, UUID is a universal unique identifier, for identifying the the uniqueness of instruction.
The final eight bytes of the load section MQTT datagram, the instruction content is true, there is "redled: 0", the client receives the instruction control led light blinking.
Fourth, disconnect
Disconnect MQTT agreement no special requirements, just follow the TCP disconnection process, mainly each of the parties to send a TCP FIN packet marking, and confirm to each other, a total of four complete data.
V. Summary
So far the main routine OneNET official MQTT agreement on completion of the analysis, in fact, in addition to the analyzed, there exist other transactions, such as subscribe, unsubscribe, create a Topic, Topic push, offline Topic, etc., but in the routine not used, but also not the most commonly used, so there is no analysis. The analysis revealed that, MQTT agreement is very refined, very suitable for control protocol as the Internet of Things, and through the analysis, a basic understanding of the main contents MQTT agreement, which for the next step in various platforms (Arduino, STM32, raspberry pie, windows ) by MQTT protocol access OneNET cloud made full preparations.
