How to configure TCP protection
This article is applicable to FIX Antenna C++ /.Net (since 2.24.0) and FIXEdge (since 5.12.0).
For configuring TCP protection in FIXEdge FIXEdge.properties should be used, for configuring FIX Antenna C++/.Net - engine.properties.
It is possible to prevent one of possible consequences of abnormal user behavior - exhaustion of system resources.
As an example, consider the case when client establishes connection, doesn't send logon message and repeats the steps nubmer of times.Â
In this case, as for Linux, all file descriptors will be reserved so that new connections will be rejected with the following reason:
|
As for Windows, the dispatcher will hang because of increasing number of connections which need to be handled.
The case can be handled by configuring specific properties in FIXEdge.properties (engine.properties) file which are responsible for TCP protection.
ProtectionTCP.Enabled = trueÂ
The property enables TCP protection. Valid values: true/false.Â
ProtectionTCP.WaitLogon = 30000Â
The property to specify connection timeout (in milliseconds) of waiting for logon. When the time comes out, the connection is closed with corresponding reason:
[INFO]Â 20160706-07:40:53.032 [1274500] [Engine] - Logon message wasn't receivedÂ
in
Âa givenÂ
time
Âinterval(1000 ms) from 127.0.0.1:60376
[INFO]Â 20160706-07:40:53.032 [1274500] [Engine] - Incoming TCP connection was closed (from 127.0.0.1:60376).
Disable when equal to 0.Â
The property will be enabled only if ProtectionTCP.Enabled = true
ProtectionTCP.SizeWaitHostMax = 3
The property to specify maximum of connections waiting for logon from one host. When the number of connections from the same host exceeds specified value of the property, new connections will be rejected with corresponding reason.Â
[INFO]Â 20160706-07:30:21.566 [1271868] [Engine] - Incoming TCP connection was rejected (from 127.0.0.1:60300). Excedeed limit of connections (3) from a single host.
Disable when equal to 0.Â
The property will be enabled only if ProtectionTCP.Enabled = true
ProtectionTCP.SizeBufferMax =Â 262144
Specifies the maximum size (in bytes) of the buffer to be able to avoid the situation when user sends high-loaded garbage. It is specified in FIXEdge.properties (engine.properties) file:
ProtectionTCP.SizeBufferMax = 10000000
When the limit is exceeded, connection will be closed and corresponding reason will be written to the log.
[INFO] 20160706-07:21:19.809 [1271256] [Engine] - Incoming TCP connection was detected (from 127.0.0.1:60258).
[INFO] 20160706-07:21:19.965 [1271896] [Engine] - Exceeded buffer received limited(1000000 ) from 127.0.0.1:60258
[INFO] 20160706-07:21:19.966 [1271896] [Engine] - Incoming TCP connection was closed (from 127.0.0.1:60258).
When connection is re-established after closure, Client will send Logon message with MsgSeqNum = <last outgoing sequence number> + 1. As a result, FIXEdge (FIX Antenna C++/.Net based application) will send ResendRequest and will receive the same message which caused disconnection. Thus, connection will be closed again.
The minimum size of the property which can be specified is 262144. If a lower value is specified in the property, it will be replaced with 262144 on the start of the FIXEdge.
If 0 is specified, there is no limit for the size of the buffer.
The property will be enabled only if ProtectionTCP.Enabled = true.
Property | FIXEdge | FIX Antenna C++ /.Net |
---|---|---|
ProtectionTCP.Enabled | true | false (disabled) |
ProtectionTCP.WaitLogon | 10000 | 0 (disabled) |
ProtectionTCP.SizeWaitHostMax | 5 | 0 (disabled) |
ProtectionTCP.SizeBufferMax | 0 (disabled) | 0 (disabled) |