tencent cloud

TDMQ for MQTT

Related Agreement
개인 정보 보호 정책
데이터 개인 정보 보호 및 보안 계약
문서TDMQ for MQTT

MQTT over QUIC

포커스 모드
폰트 크기
마지막 업데이트 시간: 2026-04-01 16:37:51

Background

The MQTT protocol requires an underlying transport that provides an ordered, lossless, stream of bytes from the Client to Server and Server to Client.

The QUIC protocol meets MQTT's transport layer requirements. As the underlying transport protocol of HTTP 3.0, QUIC offers the following key features:
Lower Latency: QUIC natively integrates TLS and supports features such as 0-RTT, resulting in lower connection latency.
Multiplexing: Built on UDP, QUIC eliminates the TCP head-of-line blocking issue across multiple streams.
Connection Migration: QUIC uses connection IDs to maintain sessions. When the 5-tuple changes, sessions can be restored through connection migration, avoiding the need to re-establish application-layer stateful protocol sessions such as MQTT sessions.
Poor Network Resilience: Advanced packet loss handling and congestion control algorithms make QUIC better suited for unreliable network conditions.


MQTT over QUIC

Note:
MQTT over QUIC is currently in the experimental phase and is not recommended for use in production environments.

Access Point

Protocol
Port
ALPN
QUIC
14567
mqtt

Example

OpenSSL
openssl s_client -quic -connect mqtt-xxx.mqtt.tencenttdmq.com:14567 -alpn mqtt
Sample output
(base) ➜  rocketmq-mqtt git:(develop) ✗ openssl s_client -quic -connect mqtt-xxx.mqtt.tencenttdmq.com:14567 -alpn mqtt
Connecting to 127.0.0.1
CONNECTED(00000003)
depth=2 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
verify return:1
depth=1 C=CN, O=WoTrus CA Limited, CN=WoTrus DV Server CA  [Run by the Issuer]
verify return:1
depth=0 CN=*.mqtt.tencenttdmq.com
verify return:1
---
Certificate chain
 0 s:CN=*.mqtt.tencenttdmq.com
   i:C=CN, O=WoTrus CA Limited, CN=WoTrus DV Server CA  [Run by the Issuer]
   a:PKEY: RSA, 2048 (bit); sigalg: sha256WithRSAEncryption
   v:NotBefore: Apr  3 00:00:00 2025 GMT; NotAfter: May  3 23:59:59 2026 GMT
 1 s:C=CN, O=WoTrus CA Limited, CN=WoTrus DV Server CA  [Run by the Issuer]
   i:C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
   a:PKEY: RSA, 2048 (bit); sigalg: sha384WithRSAEncryption
   v:NotBefore: Jan  8 00:00:00 2020 GMT; NotAfter: Jan  7 23:59:59 2030 GMT
 2 s:C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
   i:C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
   a:PKEY: RSA, 4096 (bit); sigalg: sha384WithRSAEncryption
   v:NotBefore: Mar 12 00:00:00 2019 GMT; NotAfter: Dec 31 23:59:59 2028 GMT
 3 s:C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
   i:C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
   a:PKEY: RSA, 2048 (bit); sigalg: sha1WithRSAEncryption
   v:NotBefore: Jan  1 00:00:00 2004 GMT; NotAfter: Dec 31 23:59:59 2028 GMT
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGPDCCBSSgAwIBAgIRAOk884vcqqt0VUZvXONQjUIwDQYJKoZIhvcNAQELBQAw
XDELMAkGA1UEBhMCQ04xGjAYBgNVBAoTEVdvVHJ1cyBDQSBMaW1pdGVkMTEwLwYD
VQQDDChXb1RydXMgRFYgU2VydmVyIENBICBbUnVuIGJ5IHRoZSBJc3N1ZXJdMB4X
...
G2RXytk2VY7FtvKNEc7x5YXLmz4AbRXrSapESXD47g5/0Q6OBohZCKBE5WuieIkG
AVL9lPHd3MdTLZ9do2xs/4m8EvDGv4Nlo0ORsEykU9gyvRVlN+fcVQwMhI6Y7kms
IpzYem8HiB8rfQCr7sMlLw==
-----END CERTIFICATE-----
subject=CN=*.mqtt.tencenttdmq.com
issuer=C=CN, O=WoTrus CA Limited, CN=WoTrus DV Server CA  [Run by the Issuer]
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: rsa_pss_rsae_sha256
Peer Temp Key: X25519, 253 bits
---
SSL handshake has read 0 bytes and written 0 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Protocol: QUICv1
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
ALPN protocol: mqtt
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: 
    Session-ID-ctx: 
    Resumption PSK: 
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1757900693
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0

Use Limits

1. Only IETF RFC 9000 QUIC is supported. Legacy gQUIC is not supported.
2. As MQTT over QUIC is currently in the experimental phase, connection migration is not yet fully supported.
다음 주제: 개인 정보 보호 정책

도움말 및 지원

문제 해결에 도움이 되었나요?

피드백