Context: Each customer can have 100-1000 IoT devices behind NAT. We have multiple customers. The aim is to manage these devices from outside. The devices use the CoAP protocol, which uses UDP by default.
There are a few constraints.
Problem
We'd like to be able to open a connection to a device from outside at any time. But the NAT prevents it.
Options
As I understand it, the device has to open the initial request in order to communicate.
Which of the following options is the best one regarding scalability and efficiency?
Thank you very much
The official LWM2M answer to this is queuing mode, see slide 30 of https://www.slideshare.net/OpenMobileAlliance/oma-lwm2m-tutorial-by-arm-to-ietf-ace or slide 19 of https://mbed-media.mbed.com/filer_public/c1/c3/c1c35bec-5f0e-4a28-a422-115248c9a181/armmbed-lwm2m-webinar.pdf for more information. So the proposed solution is not listed under 1. to 4. above, but uses the LWM2M protocol to send a "ping" in the form of a registration update.
From a security viewpoint, if you deploy to the public internet, I would suggest the following:
a) you MUST use DTLS
b) you should support device firmware updates and be able to deploy new firmware with patches very quickly.
Personal view: LWM2M is broken by design by starting with the (wrong) idea that IoT devices are servers.
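To make the queuing-mode idea concrete, here is a small simulation added to this page (it is not code from the original answer or from any LWM2M implementation). The server never initiates traffic to a device; it queues requests and flushes them when the device's next registration update ("ping") arrives and refreshes the NAT mapping. The class names, the 30-second NAT binding timeout and the request strings are assumed for illustration.

```python
# Added example: simplified LWM2M "queue mode" behind a NAT (not real LWM2M code).
from collections import defaultdict, deque

NAT_BINDING_TIMEOUT = 30  # assumed: seconds a NAT keeps a UDP mapping alive


class Nat:
    """Tracks UDP mappings, which only outbound device traffic can create."""
    def __init__(self):
        self.bindings = {}  # device_id -> time of last outbound packet

    def outbound(self, device_id, now):
        self.bindings[device_id] = now

    def inbound_allowed(self, device_id, now):
        last = self.bindings.get(device_id)
        return last is not None and now - last < NAT_BINDING_TIMEOUT


class Lwm2mServer:
    """Queue-mode server: requests wait until the device checks in."""
    def __init__(self, nat):
        self.nat = nat
        self.queues = defaultdict(deque)     # per-device pending requests
        self.delivered = defaultdict(list)   # per-device requests that got through

    def send(self, device_id, request, now):
        # Direct delivery only works while the NAT mapping is still warm;
        # otherwise the request is parked until the next registration update.
        if self.nat.inbound_allowed(device_id, now):
            self.delivered[device_id].append(request)
            return True
        self.queues[device_id].append(request)
        return False

    def on_registration_update(self, device_id, now):
        # The device's outbound update re-opens the mapping; flush the queue now.
        self.nat.outbound(device_id, now)
        flushed = list(self.queues[device_id])
        self.queues[device_id].clear()
        self.delivered[device_id].extend(flushed)
        return flushed


def demo():
    nat = Nat()
    server = Lwm2mServer(nat)
    server.on_registration_update("dev-1", now=0)            # initial registration
    direct = server.send("dev-1", "READ /3/0/0", now=10)      # mapping warm: direct
    late = server.send("dev-1", "WRITE /1/0/1", now=100)     # mapping expired: queued
    flushed = server.on_registration_update("dev-1", now=120)  # next "ping" flushes it
    return direct, late, flushed, list(server.delivered["dev-1"])
```

The interval between registration updates therefore bounds both the worst-case command latency and the device's uplink cost, which is the trade-off behind the scalability question above.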