Page tree
Skip to end of metadata
Go to start of metadata

Starting from version 5.12.0 FIXEdge can prevent one of possible consequences of abnormal user behavior - exhaustion of system resources.

As an example, consider the case when client establishes connection, doesn't send logon message and repeats the steps nubmer of times. 

In this case, as for Linux, all file descriptors will be reserved so that new connections will be rejected with the following reason:

[ERROR] 20160706-08:04:23.778 [140149185935104] [Engine] - Incoming TCP connection was exception : Cannot accept connection on port 9105. Please check settings ulimits in OS. Too many open files. (Error code = 24)

As for Windows, the dispatcher will hang because of increasing number of connections which need to be handled.


The case can be handled by configuring specific properties in FIXEdge.properties file which are responsible for TCP protection.

  • ProtectionTCP.Enabled = true 

    The property enables TCP protection. Valid values: true/false. Default value: ProtectionTCP.Enabled = true.


  • ProtectionTCP.WaitLogon = 30000 

    The property to specify connection timeout (in milliseconds) of waiting for logon. When the time comes out, the connection is closed with corresponding reason:

    [INFO]  20160706-07:40:53.032 [1274500] [Engine] - Logon message wasn't received in a given time interval(1000 ms) from 127.0.0.1:60376
    [INFO]  20160706-07:40:53.032 [1274500] [Engine] - Incoming TCP connection was closed (from 127.0.0.1:60376).

    Disable when equal to 0. Default value: ProtectionTCP.WaitLogon = 10000

    The property will be enabled only if ProtectionTCP.Enabled = true

 

  • ProtectionTCP.SizeWaitHostMax = 3

    The property to specify maximum of connections waiting for logon from one host. When the number of connections from the same host exceeds specified value of the property, new connections will be rejected with corresponding reason. 

    [INFO]  20160706-07:30:21.566 [1271868] [Engine] - Incoming TCP connection was rejected (from 127.0.0.1:60300). Excedeed limit of connections (3) from a single host.

    Disable when equal to 0. Default value: ProtectionTCP.SizeWaitHostMax = 5

    The property will be enabled only if ProtectionTCP.Enabled = true

 

  • ProtectionTCP.SizeBufferMax = 262144

    Specifies the maximum size (in bytes) of the buffer to be able to avoid the situation when user sends high-loaded garbage. It is specified in FIXEdge.properties file:

    ProtectionTCP.SizeBufferMax = 10000000

    When the limit is exceeded, connection will be closed and corresponding reason will be written to the log.

    [INFO] 20160706-07:21:19.809 [1271256] [Engine] - Incoming TCP connection was detected (from 127.0.0.1:60258).
    [INFO] 20160706-07:21:19.965 [1271896] [Engine] - Exceeded buffer received limited(1000000 ) from 127.0.0.1:60258
    [INFO] 20160706-07:21:19.966 [1271896] [Engine] - Incoming TCP connection was closed (from 127.0.0.1:60258).

    When connection is re-established after closure, Client will send Logon message with MsgSeqNum = <last outgoing sequence number> + 1. As a result, FIXEdge will send ResendRequest and will receive the same message which caused disconnection. Thus, connection will be closed again.

    The minimum size of the property which can be specified is 262144. If a lower value is specified in the property, it will be replaced with 262144 on the start of the FIXEdge.

    If 0 is specified, there is no limit for the size of the buffer.

    Default value: ProtectionTCP.SizeBufferMax = 0.

    The property will be enabled only if ProtectionTCP.Enabled = true.

  • No labels