Network Setup
This page provides detailed configuration instructions for setting up Direct Market Access (DMA) network connectivity to the Bitnomial Exchange.
AWS PrivateLink
AWS PrivateLink allows the exchange to share an AWS Network Load Balancer (NLB) with another AWS account easily.
The exchange needs the DMA participant's AWS account ID and the DMA participant needs the exchange's VPC Endpoint service name and ports for the various services. Contact help@exchange.bitnomial.com to exchange this information.
- Exchange adds DMA participant's AWS account to the list of authorized AWS accounts on the PrivateLink service
- The DMA participant adds an Interface type VPC Endpoint with the exchange's VPC Endpoint service name to their VPC with an appropriate security group.
AWS Direct Connect
AWS Direct Connect allows DMA participants to connect to AWS from their private datacenter over a fiber connection. Contact help@exchange.bitnomial.com to learn more about the AWS Direct Connect onboarding
VPC Peering
DMA participants can use AWS VPC Peering to peer DMA participant VPCs with Bitnomial VPCs.
- Bitnomial assigns VPC CIDR block and Availability Zone to the DMA participant.
- The participant reports VPC ID and AWS Account ID to Bitnomial.
- Bitnomial sends peering request to the participant, and reports request ID to the participant.
- Participant accepts peering request and creates route to Bitnomial subnet.
Example VPC Peering Values
The tables below outline example values for the information that needs to be exchanged.
From the participant to Bitnomial:
| Participant → Bitnomial | Value |
|---|---|
| Participant Account ID | 0000000000 |
| Participant VPC ID | vpc-iab32123 |
From Bitnomial to the participant:
| Bitnomial → Participant | Value |
|---|---|
| Bitnomial CIDR Block | 10.240.0.0/16 |
| Participant VPC CIDR Block | 10.192.5.0/24 |
| VPC Availability Zone | us-east-2a |
| Peering Request ID | pcx-afb2f421 |
| Gateway IP:Port | 10.240.2.32:9000 |
| Pricefeed IP:Port | 10.240.4.42:9001 |
VPN
Customer DMA connectivity is provided via an IPsec VPN using BGP routing. A primary and backup tunnel are provided for fail-over redundancy.
To establish a VPN connection (4 steps):
1. Customer Information Gathering
The customer reports the intended public IP address of the VPN server to Bitnomial.
2. Bitnomial VPN Configuration
Bitnomial provisions customer access and the VPN connection and reports the primary and backup tunnel IP addresses to the customer. Primary and backup pre-shared keys will be communicated via a conference call set up by Bitnomial.
3. Customer VPN Configuration
The customer configures Primary/Backup Tunnels Phase 1 (IKE) with the following information:
| Configuration | Value |
|---|---|
| IKE version | IKEv1 |
| Authentication Method | Pre-Shared Key |
| Authentication Algorithm | sha1 |
| Encryption Algorithm | aes-128-cbc |
| Lifetime | 28800 seconds |
| Phase 1 Negotiation Mode | main |
| Diffie-Hellman | Group 2 |
The customer configures Primary/Backup Tunnels Phase 2 (IPsec) with the following information:
| Configuration | Value |
|---|---|
| Protocol | esp |
| Authentication Algorithm | hmac-sha1-96 |
| Encryption Algorithm | aes-128-cbc |
| Lifetime | 3600 seconds |
| Mode | tunnel |
| Perfect Forward Secrecy | Diffie-Hellman Group 2 |
4. VPN Tunnel Confirmation
Both Bitnomial and the customer confirm primary and backup tunnel statuses are UP.
Routing
Bitnomial uses static IP routing and address blocks to avoid overlapping IP addresses (per RFC 1918). Customers assign hosts within the assigned range. For example, a customer may be assigned a CIDR Block of the form 10.192.5.0/24.
Firewalls need to allow TCP traffic from the order entry gateway/pricefeed IPs and ports that have been allocated. Customers can test exchange connectivity by attempting to log in to their order entry gateway/pricefeed.
Note: ICMP messages (pings) are disabled.
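The addressing and firewall requirements above can be checked before a change is applied. The following is an added example, not Bitnomial's code: it uses the example CIDR blocks and gateway/pricefeed endpoints from the tables on this page, and the rule tuple format `(protocol, remote CIDR, from_port, to_port)` is an assumption made for illustration.

```python
import ipaddress

# Example values copied from the tables on this page.
BITNOMIAL_CIDR = ipaddress.ip_network("10.240.0.0/16")
PARTICIPANT_CIDR = ipaddress.ip_network("10.192.5.0/24")
ENDPOINTS = {("10.240.2.32", 9000), ("10.240.4.42", 9001)}  # gateway, pricefeed
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_addressing(hosts):
    """Return findings about the CIDR blocks and where hosts are placed."""
    findings = []
    for name, net in (("Bitnomial", BITNOMIAL_CIDR), ("participant", PARTICIPANT_CIDR)):
        if not any(net.subnet_of(r) for r in RFC1918):
            findings.append(f"{name} block {net} is not RFC 1918 space")
    if BITNOMIAL_CIDR.overlaps(PARTICIPANT_CIDR):
        findings.append("participant block overlaps the Bitnomial block")
    for host in hosts:
        if ipaddress.ip_address(host) not in PARTICIPANT_CIDR:
            findings.append(f"host {host} is outside assigned block {PARTICIPANT_CIDR}")
    return findings


def check_rules(rules):
    """Flag rules wider than the allocated endpoints, and endpoints with no rule.

    Each rule is (protocol, remote CIDR, from_port, to_port): a hypothetical format.
    """
    findings = []
    parsed = [(p, ipaddress.ip_network(c), lo, hi) for p, c, lo, hi in rules]
    for proto, net, lo, hi in parsed:
        if not net.overlaps(BITNOMIAL_CIDR):
            continue  # rule does not touch the exchange side
        exact = (proto == "tcp" and net.prefixlen == net.max_prefixlen and lo == hi
                 and (str(net.network_address), lo) in ENDPOINTS)
        if not exact:
            findings.append(f"rule {proto} {net} ports {lo}-{hi} is not limited to an allocated endpoint")
    for ip, port in sorted(ENDPOINTS):
        if not any(p == "tcp" and ipaddress.ip_address(ip) in n and lo <= port <= hi
                   for p, n, lo, hi in parsed):
            findings.append(f"no rule permits tcp {ip}:{port}")
    return findings


if __name__ == "__main__":
    # Constructed sample input: one misplaced host and one over-broad rule.
    print(check_addressing(["10.192.5.10", "10.192.6.10"]))
    print(check_rules([("tcp", "10.240.2.32/32", 9000, 9000),
                       ("tcp", "10.240.0.0/16", 0, 65535)]))
```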