M5Stack produce a suite of pilot-suitable modular IoT devices, including the Atom DTU NB-IoT. The NB-IoT DTU (Narrow Band Internet of Things - data transmission unit) comes in a small 64 24 29mm case with a DIN rail clip on mounting and support for RS-485 including 9-24V power (or USB-C power).
The kit base has a SIM7020G modem and the ESP32-based Atom Lite (which also supports WiFi) is included with a very resonable price. The device has built in MQTT, supports secure public certificate TLS connections, and supports IPv6.
While the physical unit is ready for pilot deployment (and the M5Stack website has several commerical deployment case studies), there is no pre-written firmware for the device, so some up front development is needed.
As well as reviewing the strengths and weaknesses of the device, I will also provide some sample code for a proof-of-concept using an Env III environment sensor to transmit temperature, humidity, and air pressure to an MQTT test server using MQTTS (with server certificates), over IPv6, over NB-IoT.
Continue reading M5Stack Atom NB-IoT device with secure MQTT over IPv6
MQTT (originally Message Queuing Telemetry Transport) is an important protocol for IoT that has been widely adopted. Devices deployed to the field may be connecting to existing MQTT endpoints, however you may also want to deploy your own MQTT server for testing purposes.
This article shows you how to deploy an Eclipse Mosquitto MQTT server onto Azure, configured for secure connections (MQTTS, which is MQTT over TLS), accessible over the internet, and including support for both IPv6 and legacy IPv4.
First we will configure a network in Azure, then deploy the server, and then test the deployment.
The instructions below show the individual commands, but if you want a quick start then full scripts, with automatic parameters, are available on Github https://github.com/sgryphon/iot-demo-build/blob/main/azure-mosquitto/README-mosquitto.md
To deploy the network and then server components via the scripts:
az account set --subscription <subscription id>
$VerbosePreference = 'Continue'
Read on for the full details.
Continue reading Deploying a secure MQTT test server on Azure with IPv6
It is important to ensure your IPv6-only docker server is secure.
First configure your firewall to allow secure shell (SSH), port 22, so that you can maintain your remote connection.
Then turn on your firewall with default deny incoming and default deny routing rules.
This ensures your server is secure-by-default, and only then should you allow routing to the specific containers and ports that you want to expose.
My server runs Ubuntu, so these instructions are based on the Uncompliciated Firewall (UFW), but similar considerations apply to other platforms
Continue reading Securing your IPv6-only docker server
There are very simple instructions for installing Ubuntu on a Raspberry Pi, simply downloading the Imager and then pick the OS (which it will download for you, I used Ubuntu Server 20.04 LTS), and write it to the micro SD card for your Pi. https://ubuntu.com/tutorials/how-to-install-ubuntu-on-your-raspberry-pi
The image is pre-configured for DHCPv4 using the wired Ethernet connection, with alternative instructions for getting it setup with Wi-Fi, but without mention of IPv6, which is now used by 30-35% of the Internet.
Here are instructions for setting up Ubuntu on your Raspberry Pi up with IPv6 only.
Continue reading Ubuntu, Raspberry Pi, IPv6 only
IPv6 support for Azure VNets is currently available in preview (https://azure.microsoft.com/en-us/updates/microsoft-adds-new-features-to-ipv6-support-for-azure-vnets/).
Most of it is available via the Azure Portal, but I found allocating an IP config to a network card had to be done via the shell.
Here are the steps I did to test:
Continue reading IPv6 virtual networks on Azure