TCP Transport

Overview

MQTT over TCP is the standard, unencrypted transport protocol for MQTT connections. HiveMQ CE listens on port 1883 by default for TCP connections.

Configuration

Basic TCP Listener

config.xml

<hivemq>
  <listeners>
    <tcp-listener>
      <port>1883</port>
      <bind-address>0.0.0.0</bind-address>
    </tcp-listener>
  </listeners>
</hivemq>

Configuration Options

Option	Description	Default
`port`	TCP port number	1883
`bind-address`	Network interface to bind	0.0.0.0 (all interfaces)
`name`	Listener name for identification	auto-generated

Multiple Listeners

<hivemq>
  <listeners>
    <tcp-listener>
      <port>1883</port>
      <bind-address>0.0.0.0</bind-address>
      <name>default-listener</name>
    </tcp-listener>
    <tcp-listener>
      <port>1884</port>
      <bind-address>192.168.1.100</bind-address>
      <name>internal-listener</name>
    </tcp-listener>
  </listeners>
</hivemq>

Connecting Clients

Python (paho-mqtt)

import paho.mqtt.client as mqtt

def on_connect(client, userdata, flags, rc):
    print(f"Connected with result code {rc}")

client = mqtt.Client()
client.on_connect = on_connect
client.connect("localhost", 1883, 60)
client.loop_forever()

Java (HiveMQ MQTT Client)

import com.hivemq.client.mqtt.mqtt5.Mqtt5BlockingClient;
import com.hivemq.client.mqtt.mqtt5.Mqtt5Client;

public class MqttExample {
    public static void main(String[] args) {
        Mqtt5BlockingClient client = Mqtt5Client.builder()
            .identifier("my-client")
            .serverHost("localhost")
            .serverPort(1883)
            .buildBlocking();
        
        client.connect();
        System.out.println("Connected!");
    }
}

JavaScript (MQTT.js)

const mqtt = require('mqtt');

const client = mqtt.connect('mqtt://localhost:1883');

client.on('connect', () => {
  console.log('Connected!');
});

Mosquitto CLI

# Subscribe
mosquitto_sub -h localhost -p 1883 -t "test/topic"

# Publish
mosquitto_pub -h localhost -p 1883 -t "test/topic" -m "Hello"

Security Considerations

TCP transport is unencrypted. Credentials and message payloads are transmitted in plain text. Use TLS for production deployments.

When to Use TCP

✅ Development and testing
✅ Trusted internal networks
✅ Already encrypted at network layer (VPN)
❌ Public networks
❌ Sensitive data
❌ Compliance requirements

Firewall Configuration

Linux (iptables)

sudo iptables -A INPUT -p tcp --dport 1883 -j ACCEPT
sudo iptables-save

Linux (firewalld)

sudo firewall-cmd --permanent --add-port=1883/tcp
sudo firewall-cmd --reload

Docker

docker run -d --name hivemq-ce -p 1883:1883 hivemq/hivemq-ce

Next Steps

TLS Transport

Secure your MQTT connections with TLS/SSL

Connecting Clients

More client connection examples

Configuration Guide

Advanced listener configuration

WebSocket Transport

MQTT over WebSocket

MQTT Protocol

Transport Protocols

Guides

Overview

Configuration

Basic TCP Listener

Configuration Options

Multiple Listeners

Connecting Clients

Python (paho-mqtt)

Java (HiveMQ MQTT Client)

JavaScript (MQTT.js)

Mosquitto CLI

Security Considerations

When to Use TCP

Firewall Configuration

Linux (iptables)

Linux (firewalld)

Docker

Next Steps

TLS Transport

Connecting Clients

Configuration Guide

WebSocket Transport

Build docs developers (and LLMs) love

MQTT Protocol

Transport Protocols

Guides

​Overview

​Configuration

​Basic TCP Listener

​Configuration Options

​Multiple Listeners

​Connecting Clients

​Python (paho-mqtt)

​Java (HiveMQ MQTT Client)

​JavaScript (MQTT.js)

​Mosquitto CLI

​Security Considerations

​When to Use TCP

​Firewall Configuration

​Linux (iptables)

​Linux (firewalld)

​Docker

​Next Steps

TLS Transport

Connecting Clients

Configuration Guide

WebSocket Transport

Build docs developers (and LLMs) love

Overview

Configuration

Basic TCP Listener

Configuration Options

Multiple Listeners

Connecting Clients

Python (paho-mqtt)

Java (HiveMQ MQTT Client)

JavaScript (MQTT.js)

Mosquitto CLI

Security Considerations

When to Use TCP

Firewall Configuration

Linux (iptables)

Linux (firewalld)

Docker

Next Steps