Here we describe common options for all gateway solutions. You can see all options by using --help from the command-line.


Most options have sensible defaults for a balanced configuration.

You should only have to override the defaults, if you want to tune the configuration for ultra low latency.



A name used to identify the service.


The exchange name (or a list of exchange names). This will often be used to populate the exchange field of event messages.


The implementation of the flag is owned by each gateway. (It is not a generic flag.)

For some gateways it will be a single name. Most often you can choose the name you want to identify the exchange by.

For other gateways it may be a comma-separated list of exchange names. This is almost always the case if you connect to a broker. However, it may also be the case if you connect to an exchange gateway that acts as a front for a number of distinct exchanges. For example, CME Globex is a front for several exchanges such as BrokerTec and Nymex. For these cases you must provide exchange names matching those used by the broker or exchange.


Directory used to cache data between runs, e.g. config history or authentication tokens.


Enable drop-copy mode? This mode requires support from the gateway: the user must be configured accordingly.



The config file path. See here for further details.


An optional secrets file path. See here for further details.


User configuration is retained for this period.


The user_id is an integer which is encoded into the ClOrdID when order requests are being sent to an exchange. If a gateway is restarted, it must somehow remember the mapping from user_id back to the name found in the configuration file. The cached config history is used to track this mapping.

Since user_id has limited range (254 possible values), we need to recycle id’s. However, due to the exchange remembering orders for a certain period, it’s not safe to recycle immediately after a name has been removed (or renamed) from the config file. We therefore retain the “last seen” timestamp and will only recycle the id after the period configured here.


There are no guarantees that an old user_id mapping can’t collide with a newly created mapping.

You should ensure orders are canceled when a user name is removed (or renamed). And you should set this value to a longer period than the one used by the exchange to publish closed orders.



A filesystem path used by clients to establish communication with the service.


Unix domain sockets are used to exchange shared memory file descriptors between clients and gateway. You can therefore only connect clients running on the same host.

After an initial handshake, a Unix domain socket remains connected with the only purpose of checking the liveness of a connected client. All following communication is over shared memory.


All services (gateways, clients, bridges, …) support a HTTP interface for accessing and/or updating internal state.


The path or port used to expose service metrics.


The HTTP URL prefix path used to query for service metrics.


Directory containing static files, e.g. $CONDA_PREFIX/share/roq/web.


Gateway services are primarily implemented around a core event loop.


The defaults will allow the gateway to sleep (and therefore preserve CPU). This is for low latency (response time: double-digit microseconds).

For ultra low latency (response time: single-digit microseconds) make sure to pin the dispatch thread to a CPU using --loop_cpu_affinity and choose the following options for busy-polling

  • --loop_sleep=0ns

  • --loop_timer_freq=250ns


Used to pin the main dispatch thread to a specific CPU.


Use to relinquish control to the kernel.


Gateway timer frequency.


The core event loop looks a bit like this (pseudo code)

std::chrono::nanoseconds next_timer_update = {};
while (true) {
  auto now = get_monotonic_clock();
  if (now > next_timer_update) {
    next_timer_update = now + FLAGS_loop_timer_freq;
    drain_epoll_queues();  // socket processing (*no* wait!)
    gateway_timer();  // gateway specific, perhaps send ping to exchange
  drain_shared_memory_queues();  // connected clients
  if (FLAGS_loop_sleep) {
  • The core event loop is primarily designed for low latency, i.e. busy-polling.

  • --loop_sleep=0ns will never relinquish the CPU.

  • --loop_timer_freq=250ns will regularly drain socket queues. This is about achieving the best responsiveness, when communicating with the exchange, whilst reducing the time spent transitioning between user-space and kernel. It is here important to understand that syscall’s are expensive and will block the gateway from responding to client requests communicated over shared memory. You are encouraged to experiment and optimize for your own server configuration.

  • --loop_timer_freq=0ns will always drain socket queues. This may be a good choice, if you use a kernel bypass solution, e.g. something based on SolarFlare or DPDK. You are encouraged to experiment and optimize for your own server configuration.


Gateways may opt-in to use either of these flags


Override the connection timeout. Default is 5 seconds.


Disconnect if nothing “important” has been received before the timeout. This is only implemented where relevant and, when it is, it depends on the communication protocol. Default is to not disconnect.


Validate TLS certificates.


The gateway will cache certain views (based on rolled up events) for the following purposes

  • Allow download of current state to newly established client connections.

  • Early detection of e.g. bad order book state. These situations may occur as a result of lost messages and/or programming mistakes. It is important that the gateways can act as a first order level of protection such that clients (trading strategies) don’t act on incorrect information.


The size of a pre-allocated vector required to hold a list of order fills.


For various reasons, an exchange may allow choice or inverted order books to be disseminated. However, choice or inverted prices will most often indicate a problem somewhere in the stack (lost message, programming mistakes, …)


Compute checksum? This can be useful when verifying the client order book is exactly identical to the gateway’s.


The size of a pre-allocated vector required to cache a rolled-up view of MarketByPrice .


The size of a pre-allocated vector required to hold a list of exchange trades.


This flag allows you (opt-in) to cache all reference data including symbols that would normally be discarded due to regex matching.


The gateway can automatically persist a log of all events. This is useful for simulation, back-testing and investigations.


Directory used to write an event-log. Default is to NOT write the event-log.


The event log is saved to this relative path

  • Category is either md or om

  • The ISO week is formatted like this 2020-W37.

  • The name is what you have specified as --name.

  • The filename is constructed from startup time in milliseconds since the epoch.


Sub-directory as YYYY-WWww? (Alternative is YYYY-MM-DD.)


Maximum time between buffering (encoding and compression) and write-to-disk.


Update last modified/access times on sync?


Exceptions may be logged if the event-log file has been moved to another path. This will not interfere with other event-logging operations.


Size of the output buffer in bytes.


Encoding method.

Note! Currently only supporting Flatbuffers.


Compression level. Depends on the compression method.

Note! Currently only supporting Brotli.


The event log is not persisted to disk in real time. This is primarily to avoid wearing out your storage device and allow for better compression.


Create symlink to latest event-logs at the top-level directory?

License Manager#

To unlock all features you must acquire an access token from the license manager.


A file containing a public/private key pair generated by roq-keygen for further details. (from the roq-tools package).


URI’s used to contact the license manager (comma-separated list).


Is the service deployed to UAT?


The name is useful when investigating what services have currently locked all licenses. However, you may decide to opt-out from revealing the service name.


Directory where access tokens can be cached.


Time between refresh.


Desired lock period. (The license manager will ultimately control if this is accepted or overriden.)


You should NOT expect the gateway to be fully operational without a valid access token.

External Orders and Trades#


Whether to capture external trades into the event-log


Most exchanges implement a request rate-limiter.

Sometimes it’s possible to receive information from the exchange’s rate-limiter making it possible for us to at least try to mirror what is the current state.


The implementation is experimental and is likely to be removed again. You can effectively disable this check by settings --rest_rate_limit_max_requests to some high number.


The time interval being monitored. We use a fixed window for efficiency reasons (as opposed to sliding window which requires us to track the full history of requests).


The maximum limit for requests multiplied by their weights. The weights are hard-coded matching what can be found from exchange documentation. A weight of 1 is being used when such information can not be found. Disable by setting this to a high number.



Allows a risk manager (drop-copy client) to publish positions and risk limits. Order requests will then be validated against current positions, current risk exposure and risk limits. See here for further details.


Allows a position manager (drop-copy client) to publish positions. This is a subset of the functionality provided by --enable_risk.


Gateways may optionally broadcast messages to UDP.


The gateway will only publish to localhost. It is possible to use the tee module of iptables to clone packets for distribution to other hosts (serverfault).


Port(s) used to broadcast snapshot messages.


Optional IPv4 address(es), e.g. for localhost (also the default).


Port(s) used to broadcast incremental update messages.


Optional IPv4 address(s), e.g. for localhost (also the default).


Delay between snapshot updates, e.g. 10ms.


Minimum time until repeat, e.g. 1min.


Heartbeat frequency, e.g. 3s.


Message encoding, e.g. flatbuffers.


Gateways may optionally cache routing_id.




Port(s) used to broadcast OrderAck and OderUpdate messages.


Optional IPv4 address(es), e.g. for localhost (also the default).


Optional IPv4 address(es), e.g. for localhost (also the default).


Multicast TTL


Multicast available on localhost?


UDP listen port (used by roq-journal to ack).