/
How to configure TCP protection

How to configure TCP protection

Jan 07, 2019

This article is applicable to FIX Antenna C++ /.Net (since 2.24.0) and FIXEdge (since 5.12.0).

For configuring TCP protection in FIXEdge FIXEdge.properties should be used, for configuring FIX Antenna C++/.Net - engine.properties.



It is possible to prevent one of possible consequences of abnormal user behavior - exhaustion of system resources.

As an example, consider the case when client establishes connection, doesn't send logon message and repeats the steps nubmer of times. 

In this case, as for Linux, all file descriptors will be reserved so that new connections will be rejected with the following reason:

[ERROR] 20160706-08:04:23.778 [140149185935104] [Engine] - Incoming TCP connection was exception : Cannot accept connection on port 9105. Please check settings ulimits in OS. Too many open files. (Error code = 24)

As for Windows, the dispatcher will hang because of increasing number of connections which need to be handled.



The case can be handled by configuring specific properties in FIXEdge.properties  (engine.properties) file which are responsible for TCP protection.

  • ProtectionTCP.Enabled = true 

    The property enables TCP protection. Valid values: true/false. 

  • ProtectionTCP.WaitLogon = 30000 

    The property to specify connection timeout (in milliseconds) of waiting for logon. When the time comes out, the connection is closed with corresponding reason:

    Disable when equal to 0. 

    The property will be enabled only if ProtectionTCP.Enabled = true



  • ProtectionTCP.SizeWaitHostMax = 3

    The property to specify maximum of connections waiting for logon from one host. When the number of connections from the same host exceeds specified value of the property, new connections will be rejected with corresponding reason. 

    Disable when equal to 0. 

    The property will be enabled only if ProtectionTCP.Enabled = true



  • ProtectionTCP.SizeBufferMax = 262144

    Specifies the maximum size (in bytes) of the buffer to be able to avoid the situation when user sends high-loaded garbage. It is specified in FIXEdge.properties (engine.properties) file:

    When the limit is exceeded, connection will be closed and corresponding reason will be written to the log.

    When connection is re-established after closure, Client will send Logon message with MsgSeqNum = <last outgoing sequence number> + 1. As a result, FIXEdge (FIX Antenna C++/.Net based application) will send ResendRequest and will receive the same message which caused disconnection. Thus, connection will be closed again.

    The minimum size of the property which can be specified is 262144. If a lower value is specified in the property, it will be replaced with 262144 on the start of the FIXEdge.

    If 0 is specified, there is no limit for the size of the buffer.

    The property will be enabled only if ProtectionTCP.Enabled = true.





Default values 



Property

FIXEdge

FIX Antenna C++ /.Net

Property

FIXEdge

FIX Antenna C++ /.Net

ProtectionTCP.Enabled 

true

false (disabled)

ProtectionTCP.WaitLogon

10000

0 (disabled)

ProtectionTCP.SizeWaitHostMax

5

0 (disabled)

ProtectionTCP.SizeBufferMax

0 (disabled)

0 (disabled)