Versions Compared

Version Old Version 83 New Version Current
Changes made by

AntonA (Unlicensed)

AntonA (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

...

Code Block
languageperl
titleengine.properties
Session.CLIENT1/EXECUTOR.UseBlockingSockets = true
Session.CLIENT1/EXECUTOR.DisableTCPBuffer = true
Session.CLIENT1/EXECUTOR.StorageType = persistentMM
Session.CLIENT1/EXECUTOR.Validation.IsEnabled = false

Prioritizing Rules

The engine uses properties for creating a session in the following order (If the property is not defined in the current step, then the value from the next step is used):

  1. Properties configured in the C++ code as Engine::SessionExtraParameters value before the session creation
  2. Session specific settings defined as properties with Session.SenderCompID/TargetCompID pair in the engine.properties
  3. Default session settings defined as Session.Default properties in the engine.properties
  4. Hardcoded FIX Antenna Engine defaults

List of Available Parameters

The full list can be found here:

...

Property

Description

Valid valuesDefaults

CpuAffinity

Specifies affinity mask for dedicated threads of the session. It makes sense only for aggressive modes.

Mask should be presented in the decimal system.0

RecvCpuAffinity

Specifies affinity mask for dedicated receiving thread of session. It makes sense only for an aggressive receive mode.

Mask should be presented in the decimal system.0

SendCpuAffinity

Specifies affinity mask for dedicated sending thread of session. It makes sense only for an aggressive send mode.

Mask should be presented in the decimal system.0

Create pre-configured sessions from a properties file

FIX Antenna 2.25.1. introduces a mechanism that allows passing a session configuration through a file.

...

With this scenario, all initiator sessions connect immediately to the counterparty.

FIX Antenna C++ code example

Code Block
languagecpp
titleapplication.cpp
collapsetrue
/* FixAntenna initialization here */
//....
Engine::Application MyAppAcceptor;
Engine::Application MyAppIntiator;
//....
std::vector<Session*> sessionsVector;
FAProperties::ConfiguredSessionsMap sessions = FixEngine::singleton()->getProperties()->getConfiguredSessions();
for(FAProperties::ConfiguredSessionsMap::const_iterator it = sessions.begin(); it != sessions.end(): ++it)
{
    Session *pSsn;
    if(it->second.sessionRole_ == Engine::INITIATOR_SESSION_ROLE)
        pSsn = FixEngine::singleton()->createSession( &MyAppIntiator, it->first, NA, &it->second );
    else
        pSsn = FixEngine::singleton()->createSession( &MyAppAcceptor, it->first, NA, &it->second );
    pSsn->connect();
    sessionsVector.push_back(pSsn);
}
//....
for(std::vector<Session*>.const_iterator it = sessionsVector.begin(); it != sessionsVector.end(); ++it)
{
    it->release();
}
/* FixAntenna de-initialization here */

FIX Antenna .NET code example

Code Block
languagec#
titleapplication.cs
collapsetrue
/* FixAntenna initialization here */
// ....
List<Session> activeSessions;
Dictionary<SessionId, SessionExtraParameters> sessions = FixEngine.Instance.getConfiguredSessions(SessionRole.NA);
foreach (KeyValuePair<SessionId, SessionExtraParameters> session in sessions)
{
    Session ses = FixEngine.Instance.CreateSession(session.Key, FixVersion.NA, session.Value);
    ses.Connect();
	activeSessions.add(ses);
}
//....
foreach (Session session in activeSessions)
{
	sessions.Dispose();
}

/* FixAntenna de-initialization here */

...

Code Block
languageperl
titleengine.properties
######### CLIENT1/SRV1 session #########
Session.CLIENT1/SRV1.ParserVersion = FIX44
Session.CLIENT1/SRV1.Role = Initiator
Session.CLIENT1/SRV1.Host = 127.0.0.1
Session.CLIENT1/SRV1.Port = 9090
Session.CLIENT1/SRV1.HBI = 30
#Other required session properties if any


######### ESVR/CTG session #########
Session.ESVR/CTG.ParserVersion = FIX44
Session.ESVR/CTG.Role = Acceptor
#Other required session properties if any

Pass Custom Logon Message to initiator from properties file.

Code Block
languageperl
titleengine.properties
######### CLIENT1/SRV1 session #########
Session.CLIENT1/SRV1.ParserVersion = FIX44
Session.CLIENT1/SRV1.Role = Initiator
Session.CLIENT1/SRV1.Host = 127.0.0.1
Session.CLIENT1/SRV1.Port = 9090
Session.CLIENT1/SRV1.HBI = 30
Session.CLIENT1/SRV1.CustomLogonMessageFileName = Logon.msg

An example of Logon message (35=A): Logon.msg

Create SSL sessions with properties file

FIX Antenna 2.26.0. has updated SSL support, extending the variety of formats accepted and password protected certificates/keys support.

...

Code Block
languageperl
titleengine.properties
######### Engine wide properties #########
# Used for all acceptor sessions and as default values for Initiator sessions. if ListenSSLPort is specified and optional otherwise.
# Mandatory. Set protocols accepted by the engine.
SSLProtocols = TLSv1_2
# Optional. Engine default values used if omitted.
SSLCiphersList = AES+aRSA:AES+aECDH:AES+aECDSA:@STRENGTH
# mandatory. Certificate file to use.
SSLCertificate = mycert.pem
# Optional. Applicable if only certificates is password protected.
SSLCertificatePassword = mycertPassword
# Optionality is correlated with SSLCertificate.
# It means if no SSLCertificate  specified then this property becomes seamless. It becomes optional if private key is already contained inside SSLCertificate file.
# This is possible for PEM and PFX formats but not for DER!
SSLPrivateKey = mycertKey.pem
# Optional if private key is not password protected. Please pay attention to the fact the this password is used for private key stored within certificate file as well.
# So it has meaning even if SSLPrivateKey is empty in this case.
SSLPrivateKeyPassword = mycertKeyPassword
# Optional if no peer certificate validation is required. This is a path to the file containing CA certificates (all in one file on after another, PEM format only!).
# This certificates are used to build accepted certificates list sent to peer as well.
SSLCACertificate = CACerts.pem
# Optional. false by default. Setting this property to true requires SSL engine to validate counter-party's certificate against CAs provided. 
# If validation has failed or no certificate was provided by counter-party connection is terminated immediately.
# Set this to true in order to accept only connection verified with certificate.
SSLValidatePeerCertificate = true

######### CLIENT1/SRV1 Initiator session #########
# Enable SSL support for the session
Session.CLIENT1/SRV1.SSL = true
# Optional. Overrides engine wide SSLProtocols property for the session
Session.CLIENT1/SRV1.SSLProtocols = TLSv1_2
# Optional. Overrides engine wide SSLCiphersList property for the session
Session.CLIENT1/SRV1.SSLCiphersList = AES+aRSA:AES+aECDH:AES+aECDSA:@STRENGTH
# Optional for initiators. Certificate file to use if certificate based authentication is requested by peer.
Session.CLIENT1/SRV1.SSLCertificate = mycert.pem
# Optional. Applicable if only certificates is password protected.
Session.CLIENT1/SRV1.SSLCertificatePassword = mycertPassword
# Optionality is correlated with SSLCertificate.
# It means if no SSLCertificate  specified then this property becomes seamless. It becomes optional if private key is already contained inside SSLCertificate file.
# This is possible for PEM and PFX formats but not for DER!
Session.CLIENT1/SRV1.SSLPrivateKey = mycertKey.pem
# Optional if private key is not password protected. Please pay attention to the fact the this password is used for private key stored within certificate file as well.
# So it has meaning even if SSLPrivateKey is empty in this case.
Session.CLIENT1/SRV1.SSLPrivateKeyPassword = mycertKeyPassword
# Optional if no peer certificate validation is required. This is a path to the file containing CA certificates (all in one file on after another, PEM format only!).
Session.CLIENT1/SRV1.SSLCACertificate = CACerts.pem
# Optional. false by default. Setting this property to true requires SSL engine to validate counter-party's certificate against CAs provided. If validation has failed connection is terminated immediately.
# Set this to true in order to validate acceptors certificate.
Session.CLIENT1/SRV1.ValidatePeerCertificate = true


######### ESVR/CTG Acceptor session #########
# Restricts the session to accept connections from SSL listener only.
Session.ESVR/CTG.SSL = true
# All remaining properties are engine wide for the acceptors and can't be specified on per-session basis.
# So they are configured with engine wide properties.


Configure FIX sessions with dedicated ports 

Accept sessions on a dedicated port 

Info
The feature is introduced in FIX Antenna 2.28.0.

FIX Antenna C++ provides few ways to define listening ports for incoming FIX sessions:

  • by configuring a port per single session
  • by configuring a port per multiple sessions
  • by defining a single not secure port via API
  • by defining multiple listening ports via API (both SSL and non-SSL)

FIX Antenna-based products allows you to allocate a separate port for each acceptor session. Such a configuration enhances the usability and security of the solution.

Info

The port can be shared between multiple sessions. However, the connection type should be the same, see more information in the "Limitations..." section.

When the last session bound to a particular port is terminated or not useful anymore, for example, according to the schedule, the Engine stops listening to connections on the given port. 

Code Block
languageperl
titleengine.properties
#defaults
Session.Default.StorageType = persistentMM
Session.Default.Validation.IsEnabled = false
Session.Default.ReconnectMaxTries = -1
Session.Default.ReconnectInterval = 60000

# acceptor #1
Session.FIXServer/Client42.Role = Acceptor
Session.FIXServer/Client42.ParserVersion = FIX42
Session.FIXServer/Client42.ReconnectInterval = 30000
Session.FIXServer/Client42.ListenPort = 9001
Session.FIXServer/Client42.ListenAddress = 127.0.0.1

# acceptor #2
Session.FIXServer/Client44.Role = Acceptor
Session.FIXServer/Client44.ParserVersion = FIX44
Session.FIXServer/Client44.ReconnectInterval = 30000
Session.FIXServer/Client44.ListenPort = 9002
Session.FIXServer/Client44.ListenAddress = 127.0.0.1

Similar configuration in QuickFIX:

Code Block
languageperl
titleacceptor.cfg
[DEFAULT]
FileStorePath=store
FileLogPath=log
ConnectionType=acceptor
SenderCompID=FIXServer

[SESSION]
BeginString=FIX.4.2
TargetCompID=Client42
ReconnectInterval=30
HeartBtInt=30
SocketAcceptPort=9001
SocketAcceptHost=127.0.0.1
DataDictionary=..\spec\fix\FIX42.xml

[SESSION]
BeginString=FIX.4.4
TargetCompID=Client44
ReconnectInterval=30
HeartBtInt=30
SocketAcceptPort=9002
SocketAcceptHost=127.0.0.1
DataDictionary=..\spec\fix\FIX44.xml
Info

The TCP socket option SO_REUSEADDR is always enabled for listening ports.

Limitations across parameters and combinations

Sessions parameters have priority over session default parameters and global parameters.

If unregistered sessions are allowed, they will be accepted on listening ports of global level only.

Same SSL context across multiple sessions

  1. The same listening SSL port (i.e. SSL context) cannot be shared between two and more sessions if their SSL parameters are not the same.
  2. Secure and non-secure connections can't share the same port.
Info

In case of the SSL context for multiple sessions is different or if a secure and insecure session are configured for using the same port, then the corresponding error will be logged. The session under conflict will not be created.


Example

Code Block
languageperl
titleengine.properties
collapsetrue
# SSL acceptor #1
Session.FIXServer/TLS12_Client42.Role = Acceptor
Session.FIXServer/TLS12_Client42.ParserVersion = FIX42
Session.FIXServer/TLS12_Client42.ListenPort = 9001
Session.FIXServer/TLS12_Client42.ListenAddress = 127.0.0.1
Session.FIXServer/TLS12_Client42.SSLValidatePeerCertificate = true
Session.FIXServer/TLS12_Client42.SSLCertificate = cert.pem
Session.FIXServer/TLS12_Client42.SSLPrivateKey = cert.pem
Session.FIXServer/TLS12_Client42.SSLCACertificate = certCA.pem
Session.FIXServer/TLS12_Client42.SSLProtocols = TLSv1_2

# SSL acceptor #2
Session.FIXServer/TLS12_Client44.Role = Acceptor
Session.FIXServer/TLS12_Client44.ParserVersion = FIX44
Session.FIXServer/TLS12_Client44.ListenPort = 9001
Session.FIXServer/TLS12_Client44.ListenAddress = 127.0.0.1
Session.FIXServer/TLS12_Client44.SSLValidatePeerCertificate = true
Session.FIXServer/TLS12_Client44.SSLCertificate = cert.pem
Session.FIXServer/TLS12_Client44.SSLPrivateKey = cert.pem
Session.FIXServer/TLS12_Client44.SSLCACertificate = certCA.pem
Session.FIXServer/TLS12_Client44.SSLProtocols = TLSv1_2

# SSL acceptor #3 with different TLS version => must use a different port.
Session.FIXServer/TLS10_Client44.Role = Acceptor
Session.FIXServer/TLS10_Client44.ParserVersion = FIX44
Session.FIXServer/TLS10_Client44.ReconnectInterval = 30000
Session.FIXServer/TLS10_Client44.ListenPort = 9002
Session.FIXServer/TLS10_Client44.ListenAddress = 127.0.0.1
Session.FIXServer/TLS10_Client44.SSLValidatePeerCertificate = true
Session.FIXServer/TLS10_Client44.SSLCertificate = cert2.pem
Session.FIXServer/TLS10_Client44.SSLPrivateKey = cert2.pem
Session.FIXServer/TLS10_Client44.SSLProtocols = TLSv1_0

# Non secure acceptor #4 => must use a different port.
Session.FIXServer/NonSecure_Client44.Role = Acceptor
Session.FIXServer/NonSecure_Client44.ParserVersion = FIX44
Session.FIXServer/NonSecure_Client44.ReconnectInterval = 30000
Session.FIXServer/NonSecure_Client44.ListenPort = 9003
Session.FIXServer/NonSecure_Client44.ListenAddress = 127.0.0.1
Session.FIXServer/NonSecure_Client44.SSLValidatePeerCertificate = true
Session.FIXServer/NonSecure_Client44.SSLCertificate = cert2.pem
Session.FIXServer/NonSecure_Client44.SSLPrivateKey = cert2.pem
Session.FIXServer/NonSecure_Client44.SSLProtocols = TLSv1_0

If the session connects to the listening port and SenderCompID does not match TargetCompID, the session will not be accepted and the corresponding error will be logged:

Session.FIXServer/NonSecure_Client44.ListenPort = 9003

Interaction with the stopListeningIncomingConnections function

The API call Engine::FixEngine::stopListeningIncomingConnections() stops listening and closes all the ports (global and sessions ones).

Configuring ListenPort session parameters via FIXICC

Info

FIXICC 2.11.2 does not support the following session parameters configuration yet:

  • ListenPort
  • ListenAddress

Configure Administrative sessions with dedicated ports

Note

The feature is available since FIX Antenna 2.29.0.

The administrative session has a configurable listen port as a FIX session.

FIX Antenna C++ provides a few ways to configure listening ports for administrative FIX sessions.

To configure listen port per single administrative FIX session:

  • Enable monitoring feature Monitoring.Enable in the engine.properties file.
  • Configure Monitoring.ListenAddress and Monitoring.ListenPort parameters exclusively for an administrative FIX session.
  • Specify administrative FIX session in engine.properties file.

To configure listen port per multiple sessions (administrative FIX session and another FIX session):

  • Enable monitoring feature Monitoring.Enable in the engine.properties file.
  • Configure Monitoring.ListenAddress and Monitoring.ListenPort parameters non-exclusively for an administrative FIX session.
  • Share Monitoring.ListenPort parameter with other FIX sessions.
  • Specify administrative FIX session in engine.properties file.

For multiple administrative sessions, specify all required sessions in session Monitoring.AdminSessionNames list with own sets of parameters.

If the parameters do not exist or are empty, the global engine's parameters Listen Address and Listen Port are used the same way as for ordinary FIX sessions.

Info

Monitoring.ListenPort does not support a secure connection. 

To enable SSL for administrative sessions, the port number must be also added to ListenSSLPort.

More examples 

Parameters priority

The session parameters have priority over default session parameters.

If the listening port is defined for a default session, it will be used for the sessions, if the listening port for a specific session is not defined. If the listening port is not defined for a specific session and for a default session, the session will be listened to on the global ports.

Code Block
titleengine.properties
# The session parameters has the highest priority
Session.FIXServer/TLS12_Client42.ListenPort = 9001
Session.FIXServer/TLS12_Client42.ListenAddress = 127.0.0.1

# defines defaults if session's parameters are not set
Session.Default.ListenPort = 9105
Session.Default.ListenAddress = 0.0.0.0

# defines default Engine level parameters if session's parameters are not set
ListenPort = 9105
ListenAddress = 0.0.0.0

Session.Default.ListenPort and Session.Default.ListenAddress parameters are used for an acceptor session, if ListenPort and ListenAddress parameters for a session level are not set.

Dedicated session

Code Block
titleengine.properties
# defines local endpoint for Acceptor session that will be created on demand.
# Incoming connections from other endpoints will be filtered out
Session.<SenderId>/<TargetId>.ListenPort = 9105
Session.<SenderId>/<TargetId>.ListenAddress = 0.0.0.0

Disabled listening

To disable listening to incoming connections, a user should comment or remove a value for all ListenPort parameters. 

Code Block
titleengine.properties
Session.<SenderId>/<TargetId>.ListenPort = 
ListenPort = 
ListenSSLPort =
Monitoring.ListenPort =

Setting listening ports via API 

To configure a listening address for a session use the field: Engine::SessionExtraParameters::listenAddress_

To configure listening ports for a session use the field: Engine::SessionExtraParameters::listenPort_.

To set an SSL port or several non-secure listening ports for a session via API, you need to use listenEndpoints (the list of structures where ListenAddress and listenSocketEndpoint parameters are defined). The listenSocketEndpoint parameter defines the listening port and sslCtx which sets parameters of the listening port (whether this port supports SSL or not).

By using API, any combination of listening ports for acceptor sessions can be defined.