Struggling with Traefik as Loadbalancer for MQTT (TCP / TLS 1.2)

I am trying to use Traefik as a load balancer for MQTT over TCP with TLS (1.2). I found some posts here on how to set up Traefik for MQTT, but nothing related to or solving my special problem/case.

I have set up the following configuration to simulate locally the behaviour of Traefik as a reverse proxy & load balancer for MQTT on my developer Windows 10 machine:

  • Mosquitto_168_8883 on Windows locally on port 8883 with TLS enabled/self-signed certificates
  • Traefik 2.1.2 on Windows listening on port 7883 for routing to MQTT (TOML see below)
  • Node-Red 1.0.3 on Windows (NodeJs 12.14.1) client connecting (a) directly to Mosquitto (b) over Traefik to Mosquitto

(a) Directly connecting and publishing is working for the Node-Red client (port 8883)

(b) Via Traefik: Node-Red cannot connect or publish to MQTT (port 7883)

My Traefik TOML Configuration is as follows:

[tracing]
  serviceName = "mqtt"

[log]
  level = "DEBUG" # --log.level

[entryPoints]
  [entryPoints.mqtt]
    address = ":7883"
  [entryPoints.traefik]
    address = "localhost:8091"

[api]
  dashboard = true
  insecure = true

[tcp] # YAY!
  [tcp.routers]
    [tcp.routers.mqtt]
      entrypoints = ["mqtt"]
      rule = "HostSNI(`*`)" # Catches every request
      service = "mqtt"
      [tcp.routers.mqtt.tls]
        passthrough = true

  [tcp.services]
    [tcp.services.mqtt]
      [tcp.services.mqtt.loadBalancer]
        [[tcp.services.mqtt.loadBalancer.servers]]
          address = "localhost:8883"

Currently, I see nothing of interest within the active tracing and logging output. The Traefik UI shows no connection attempts via port 7883/TCP/entrypoint mqtt.

Does anyone have this use case implemented and up & running?
What am I doing wrong / what am I missing?
Thank you in advance.

In v2, the dynamic configuration and the static configuration must be defined in separate files.

As in v1, you have to enable the file provider.

So the right way to configure it is something like this:

traefik.toml

[entryPoints]
 [entryPoints.mqtt]
   address = ":7883"
 [entryPoints.traefik]
  address ="localhost:8091"

[api]
 dashboard = true
 insecure = true

[tracing]
  serviceName = "mqtt"

[log]
  level = "DEBUG" # --log.level 

[providers.file]
    directory = "/my_dyn_config_dir/"

/my_dyn_config_dir/myfile.toml

[tcp]
 [tcp.routers]
  [tcp.routers.mqtt]
   entrypoints = ["mqtt"]
   rule = "HostSNI(`*`)" # Catches every request   
   service = "mqtt"		
   [tcp.routers.mqtt.tls]
     passthrough = true
       
 [tcp.services]
  [tcp.services.mqtt]
   [tcp.services.mqtt.loadBalancer]
    [[tcp.services.mqtt.loadBalancer.servers]]
      address = "localhost:8883"
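
A small check for the mistake this answer describes, as an added example that is not part of the original post or of Traefik itself: it scans a static traefik.toml for table headers that belong to the dynamic configuration and reports whether a `[providers.file]` section exists to load them. The function names, the header regex and the shortened sample strings are constructed for illustration; the set of dynamic root tables (`http`, `tcp`, `udp`, `tls`) is assumed from Traefik v2's configuration layout.

```python
import re

# Top-level tables that Traefik v2 treats as dynamic (routing) configuration.
DYNAMIC_ROOTS = {"http", "tcp", "udp", "tls"}
HEADER = re.compile(r"^\s*\[{1,2}\s*([A-Za-z0-9_-]+)[^\]]*\]{1,2}\s*(#.*)?$")
FILE_PROVIDER = re.compile(r"^\s*\[\s*providers\.file\s*\]", re.M)

def table_roots(toml_text):
    """Map each table header's first key to the line where it first appears."""
    roots = {}
    for lineno, line in enumerate(toml_text.splitlines(), 1):
        m = HEADER.match(line)
        if m:
            roots.setdefault(m.group(1), lineno)
    return roots

def check_static_config(toml_text):
    """Return findings for dynamic sections placed in a static traefik.toml."""
    roots = table_roots(toml_text)
    findings = [f"line {roots[r]}: [{r}] is dynamic configuration, move it "
                "to a file loaded by [providers.file]"
                for r in sorted(DYNAMIC_ROOTS & roots.keys())]
    if findings and not FILE_PROVIDER.search(toml_text):
        findings.append("no [providers.file] section, so no dynamic file is loaded")
    return findings

# Constructed samples, shortened from the two configurations in this thread.
MIXED = """\
[entryPoints]
  [entryPoints.mqtt]
    address = ":7883"
[tcp]
  [tcp.routers.mqtt]
    entrypoints = ["mqtt"]
    rule = "HostSNI(`*`)"
    [tcp.routers.mqtt.tls]
      passthrough = true
  [[tcp.services.mqtt.loadBalancer.servers]]
    address = "localhost:8883"
"""
SPLIT_STATIC = """\
[entryPoints]
  [entryPoints.mqtt]
    address = ":7883"
[providers.file]
  directory = "/my_dyn_config_dir/"
"""

if __name__ == "__main__":
    print("\n".join(check_static_config(MIXED)))
```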

@Torsten1981 Did you manage to get MQTT working through Traefik?

I'm also struggling with getting Mosquitto-MQTT working through Traefik v2.1.3 and there doesn't seem to be a great deal of online help / examples.

Try with mqtt.myurl.com or something with your URL; my DNS provider doesn't seem to be able to handle wildcards.