Access Solution for Level II Market Data from Hong Kong Node

Access solution for Transaction System Level II Market Data Hong Kong Node Users

I. Introduction of Transaction System Level II Market Datafrom Hong Kong Node

     Transaction System Level II Market Data ("L2 Market Data") network is an L2 market data network using an independent dedicated network. It carries L2 market data flow, including market data snapshots and individual market data. In the market of mainland China, L2 market data users can only access via LAN lines. Shenzhen Securities Communication boasts complete securities communication infrastructure, full-fledged functions, and advanced technology. To facilitate foreign investors to invest in the Shenzhen market and promote the prosperity of the Shenzhen-Hong Kong Common Market, we have established the Hong Kong Node for L2 Market Data. Overseas users can access the Hong Kong node via WAN or LAN according to availability.

II. Access solution for Level II Market Data from the Hong KongNode

2.1 LAN access solution

        We have rented the racks at HKT Tseung Kwan O Center to offer access toShenzhen Stock Exchange L2 Market Data from the Hong Kong Node,. Overseas LAN users can also rent the racks at HKT Tseung Kwan O Center to access the Shenzhen Stock Exchange L2 market data equipment via LAN lines.

2.2 WAN access solution

       Overseas users can also apply for a dedicated WAN line to access Shenzhen Stock Exchange L2 market data from the Hong Kong Node. The recommended bandwidth is 50Mbps. Users can choose a solution according to the actual bandwidth.

2.3 Access redundancy scheme

To reduce the possibility of interruption in a single line, the access plan is recommended as follows:
● Recommended: The user applies for two 50M local lines (or two LAN lines) to access the HKT Tseung Kwan O Center to receive L2 market data, and a 6M WAN line to access WTT Chaiwan Center to receiveL1 market data                                for backup;
●Optional: The user applies for a 50M local line (or a LAN line) and a 6M WAN line to access WTT Chaiwan Center to receive L1 market data for backup;
●Optional: The user only applies for two 50M local lines (or two LAN lines) to access HKT Tseung Kwan O Center to receive L2 market data as a backup for each other; when the HKT Tseung Kwan O central node fails, there                     will be no L1 market data as a backup ;
●Not recommended: Users only apply for a single 50M local line (or a LAN line) to access HKT Tseung Kwan O Center to receive L2 market data without any backup. The service availability of this plan is 99.6%. The user has to wait for troubleshooting by the operator patiently in case of interruption.
Taking two 50M local lines (or two LAN lines) to access HKT Tseung Kwan O Center as an example. At present, we have two racks, J13 and J14, in the HKT Tseung Kwan O Center. Southen Information Technology Center (South Center) L2 and Futian Center L2 market data are respectively available by connecting to J13 and J14 racks. South Center and Futian Center are the dual-active centers of Shenzhen Stock Exchange. Of the market data from the two centers, users may configure the software to use one source as the primary market data source and the other as the backup. When the primary fails, the software will automatically switch to the backup.

2.4 Access node and access mode

The access node information and recommended bandwidth are shown in Table
1.

III. Technical specification for user access

3.1. Technical requirements

3.1.1Type of line access

         Users may access the L2 market data network and L1 market data network (backup) through leased MSTP lines. When accessing this type of line, the user's routing equipment has to have a local area network port (LAN port).

3.1.2 Connection detection function

          In order to switch network fast in case of network failure, users should enable and configure BFD (Bidirectional Forwarding Detection) on the routing device to detect network connectivity.

3.1.3 Routing

3.1.3.1 Unicast routing and auxiliary features
             The unicast routing for users to assess L2 and L1 market data network (backup) uses BGP dynamic routing. Each user has an AS domain. The assigned IP address and AS domain will be different if a user accesses the L1 market data network for backup as the L2 and L1 market data network are physically separated. 3.1.3.2 Multicast routing and auxiliary features Our software uses the PIM multicast routing protocol for user access, and each user has to configure every line to sparse-mode. PIM-SSM mode is used for multicast transmission, therefore the user's operating system from router and switch to host needs to support IGMPv3, and enable the SSM on the network device. The multicast stream will be pushed from the backbone device to the user device. In principle, the user does not have to establish a PIM neighbor relationship with the backbone device.
            The technical requirements are summarized in Table 3.

3.1.4 Security

          Users accessing L2 market data network and L1 market data network (backup) should follow the requirements for G3 level in the "Securities and Futures Industry- Testing and Evaluation Requirement for Classified Protection of Information System". Users should use standard-compliant routing equipment for secure access, and perform access control and intrusion prevention.

3.2 User configuration guidelines

         For example, a user applies for two LAN lines to access the L2 Market Data from Hong Kong Node: (access to L1 market data network is detailed in additional documents)

3.2.1 IP address information:

3.2.2 BGPAS No

3.2.3 Master server service IP:

3.2.4 Multicast group / source:

      Note: A gateway can receive market data only from the addresses in either the L2-1 Multicast Address List of Market Data Service or from the L2-2 Multicast Address List of Market Data Service, which cannot be mixed.
Appendix: Reference configuration for access device
(IP address, AS number, AS password, port number, etc. are subject toactual allocation)
Taking the primary line router connected to the HKT node as an example, and pursuant to the technical requirements for accessing users.
the recommendedreference configuration is as follows:
1) Interface configuration for access router
Juniper device:
set interfaces ge-1/0/0 unit 0 family inet address 10.219.1.1/27 //User's internal interface IP address
set interfaces ge-1/0/1 unit 0 family inet address 10.220.1.2/30 //interface IP for interconnecting with Shenzhen Stock Exchange
Cisco device:
interface FastEthernet0/1
ip address 10.220.1.2 255.255.255.252 //interface IP for interconnecting with Shenzhen Stock Exchange
bfd interval 500 min_rx 500 multipler3 //enable bfd
interface FastEthernet0/0
ip address 10.219.1.1 255.255.255.224 // User's internal interface IP
2) Unicast routing configuration for access router
BGP Configuration
Juniper device:
set routing-options router-id 100.1.1.1 //router-id
set routing-options autonomous-system 64515//AS number
set protocols bgp group EBGP type external //Establish EBGP neighbor
set protocols bgp group EBGP peer-as 43101//Peer AS number
set protocols bgp group EBGP neighbor 10.220.1.1 //Establish neighbors with BGP
set protocols bgp group EBGP export internal-to-bgp//Release user addresses to BGP
set protocols bgp group EBGP bfd-liveness-detection minimum-interval 500 //Enable BFD for BGP
set protocols bgp group EBGP bfd-liveness-detection multiplier 3 // Enable BFD for BGP
set routing-options static route 0.0.0.0/0 next-hop 10.219.1.2 //Assume that the user's downlink device interface IP is 10.219.1.2
set policy-options policy-statement internal-to-bgp from route-filter 10.219.1.0/27 exact //Match user routing
set policy-options policy-statement internal-to-bgp then accept //Match user routing
Cisco device:
Router bgp 64515 //AS number assigned to the user
Bgp router-id X.X.X.X //ROUTER ID
Neighbor 10.220.1.1 remote-as 43101 //Establish BGP neighbor
Neighbor 10.220.1.1 fail-over bfd //bgp switch based on bfd
Network 10.219.1.0 mask 255.255.255.224 //Announce available address for the user
No auto-summary //Disable auto-summary
Ip route 0.0.0.0 0.0.0.0 10.219.1.2////Assume that the IP of the downlink device interface is 10.229.1.2
3) Multicast routing configuration for access router
PIM and IGMP configuration
Juniper device:
set protocols igmp interface ge-1/0/0.0 version 3 //Use IGMPV3 for Intranet interface
set protocols pim interface ge-1/0/0.0 mode sparse //Use PIM SM for Intranet interface
set protocols pim interface ge-1/0/1.0 mode sparse // Use PIM SM for WAN interface
Cisco device:
Ippimssm default
interface FastEthernet0/0
ip address 10.219.1.1 255.255.255.224
ipigmp version 3 //Use IGMPV3
interface FastEthernet0/1
ip address 10.220.1.2 255.255.255.252
ippim sparse-mode //Enable PIM
end
The configuration of backup router connected to the HKT node can be modified by referring to the above configuration.
Access+Solution+for+Level+II+Market+Data+from+Hong+Kong+Node.pdf
205.0 KB
0 0