Join the 80,000 other DTN customers who enjoy the fastest, most reliable data available. There is no better value than DTN!

(Move your cursor to this area to pause scrolling)




"Can I get another account from you? I am tired of ******* going down so often" - Comment from George
"Thank you so much - awesome feed, awesome service!" - Comment from Greg via Email
"I have been using IQFeed now for a few years in MultiCharts and I have zero complaints. Very, very rare to have any data hiccups or anything at all go wrong." - Comment from Public Forum
"I was with ******* for 4 years at $230 a month, this is a huge savings for me, GOD BLESS YOU PEOPLE," - Comment from T.S. via Email
"IQ feed works very well, does not have all of the normal interruptions I have grown used to on *******" - Comment from Mark
"If someone needs the best quality data and backfill beyond what their broker provides at a rate that is the best in the industry, I highly recommend IQFeed." - Comment from Josh via Public Forum
"My broker in Davenport suggested I give you a try as he uses your service and says its the best." - Comment from Bill via RT Chat
"I was on the phone with a friend who uses CQG and right after the Fed announcement, CQG was as much as 30 seconds behind DTN.IQ. Some quotes were off by as much as 15-18 cents. Your feed never missed a beat." - Comment from Roger
"Everything is working amazing now. I'm already impressed with the true-tick feed of IQFeed and it's ability to support my 480 symbol layout." - Comment from Tyler via Email
"It’s so nice to be working with real professionals!" - Comment from Len
Home  Search  Register  Login  Blogs Recent Posts

Information on Various DTN Products:
DTN IQFeed | DTN ProphetX | DTN Ag | NxCore
Follow DTN_IQFeed on Twitter
DTN.IQ/IQFeed on Twitter
DTN News and Analysis on Twitter
»Forums Index »Product Support »DTN.IQ Client Software Support »Firewall Advice
Author Topic: Firewall Advice (5 messages, Page 1 of 1)

jlarmee
-Interested User-
Posts: 54
Joined: Jan 12, 2006


Posted: Mar 10, 2009 02:58 PM          Msg. 1 of 5
Hi. My client is trying to set up a more thorough firewall on his server and it seems like connecting to IQFeed keeps getting in the way. Whenever we tighten the screws, it seems like the IQFeed connection doesn't work and we have to back off.

Is there some general information on the ports that IQFeed uses, and the servers the ports should be allowed to access? (I'm far from an expert in this topic -- so let me know if that question even made sense!)

Thanks in advance for your help!

DTN_LorenF
-DTN Technical Support-
Posts: 228
Joined: May 11, 2004


Posted: Mar 10, 2009 03:49 PM          Msg. 2 of 5
jlarmee, this is going to be dependant upon what exactly you are needing to function. The various types of data in IQFeed are transmitted over different ports to the client.

We have 2 server farms currently which are commonly referred to as the "148" server farm and the "156" server farm. Each farm is identical in IPs and ports and customers are load balanced between them so you might need duplicate firewall rules setup to allow for connections to each server farm. Each server farm operates on two separate port ranges as well that are copied and 55000 apart from each other (one in the 5000 range and the other in the 60000 range). Keep in mind also that ALL connections for IQFeed originate from the client application so no port forwarding should be needed.

The preferred method is to open the entire subnet on the following port ranges.
66.112.156.XXX ports 5000 - 5050 and 60000 - 60050
66.112.148.XXX ports 5000 - 5050 and 60000 - 60050

The reason for this is that IP addresses and port numbers change on occasion (adding or subtracting servers). This will allow you optimal use of the feed while having very little potential to having to revisit firewall configuration at a later time.

If you need a more detailed (or "tighter security") model, the following information can be used but keep in mind that we do modify these ports occasionally for various reasons so it is entirely possible these will change and cause feature(s) of the feed to no longer work.

The "156" server farm.
66.112.156.210 - 66.112.156.214 ports 5000, 5001, 5005, 5009, 5014, 5015, 5018, 5020, 5050, 60000, 60001, 60005, 60009, 60014, 60015, 60018, 60020, 60050
66.112.156.220 - 66.112.156.229 ports 5002, 5003, 5004, 5013, 60002, 60003, 60004, 60013
66.112.156.110 - 66.112.156.119 ports 5002, 5003, 5004, 5013, 60002, 60003, 60004, 60013

The "148" server farm is exactly the same except the ip addresses.
66.112.148.210 - 66.112.148.214 ports 5000, 5001, 5005, 5009, 5014, 5015, 5018, 5020, 5050, 60000, 60001, 60005, 60009, 60014, 60015, 60018, 60020, 60050
66.112.148.220 - 66.112.148.229 ports 5002, 5003, 5004, 5014, 60002, 60003, 60004, 60014
66.112.148.110 - 66.112.148.119 ports 5002, 5003, 5004, 5014, 60002, 60003, 60004, 60014

let us know if you need anymore information

-edited for updated settings-
Edited by DTN_Steve_S on Jun 1, 2011 at 03:19 PM

jlarmee
-Interested User-
Posts: 54
Joined: Jan 12, 2006


Posted: Mar 10, 2009 05:24 PM          Msg. 3 of 5
Thanks!

This very helpful!. I think the entire subnet and port range should do it. We shouldn't need to get to the detailed list. I'll keep that under my hat.

-- Jay

Arnold
-Interested User-
Posts: 1
Joined: Apr 17, 2015


Posted: Apr 17, 2015 05:53 AM          Msg. 4 of 5
Quote: jlarmee, this is going to be dependant upon what exactly you are needing to function. The various types of data in IQFeed are transmitted over different ports to the client.

We have 2 server farms currently which are commonly referred to as the "148" server farm and the "156" server farm. Each farm is identical in IPs and ports and customers are load balanced between them so you might need duplicate firewall rules setup to allow for connections to each server farm. Each server farm operates on two separate port ranges as well that are copied and 55000 apart from each other (one in the 5000 range and the other in the 60000 range). Keep in mind also that ALL connections for IQFeed originate from the client application so no port forwarding should be needed.

The preferred method is to open the entire subnet on the following port ranges.
66.112.156.XXX ports 5000 - 5050 and 60000 - 60050
66.112.148.XXX ports 5000 - 5050 and 60000 - 60050

The reason for this is that IP addresses and port numbers change on occasion (adding or subtracting servers). This will allow you optimal use of the feed while having very little potential to having to revisit firewall configuration at a later time.

If you need a more detailed (or "tighter security") model, the following information can be used but keep in mind that we do modify these ports occasionally for various reasons so it is entirely possible these will change and cause feature(s) of the feed to no longer work.

The "156" server farm.
66.112.156.210 - 66.112.156.214 ports 5000, 5001, 5005, 5009, 5014, 5015, 5018, 5020, 5050, 60000, 60001, 60005, 60009, 60014, 60015, 60018, 60020, 60050
66.112.156.220 - 66.112.156.229 ports 5002, 5003, 5004, 5013, 60002, 60003, 60004, 60013
66.112.156.110 - 66.112.156.119 ports 5002, 5003, 5004, 5013, 60002, 60003, 60004, 60013

The "148" server farm is exactly the same except the ip addresses.
66.112.148.210 - 66.112.148.214 ports 5000, 5001, 5005, 5009, 5014, 5015, 5018, 5020, 5050, 60000, 60001, 60005, 60009, 60014, 60015, 60018, 60020, 60050
66.112.148.220 - 66.112.148.229 ports 5002, 5003, 5004, 5014, 60002, 60003, 60004, 60014
66.112.148.110 - 66.112.148.119 ports 5002, 5003, 5004, 5014, 60002, 60003, 60004, 60014

let us know if you need anymore information

-edited for updated settings-
Edited by DTN_Steve_S on Jun 1, 2011 at 03:19 PM
--- Original message by DTN_LorenF on Mar 10, 2009 03:49 PM
Hi Loren

Could please you confirm if this still applies ?

DTN_LorenF
-DTN Technical Support-
Posts: 228
Joined: May 11, 2004


Posted: Apr 20, 2015 07:20 AM          Msg. 5 of 5
Arnold

Yes, this still the way our server farms are setup.
 

 

Time: Tue December 12, 2017 7:19 PM CFBB v1.2.0 16 ms.
© AderSoftware 2002-2003