Derivatives Connectivity

Data Center Locations

The Coinbase Derivatives trading platform currently operates out of two locations: Chicago, Illinois and Secaucus, New Jersey. Production: Equinix CH4 Data Center
Address: 350 E Cermak, Chicago, Illinois, 60616 DR/Integration: Equinix NY5 Data Center
Address: 800 Secaucus Road, Secaucus, New Jersey, 07094 Internet connectivity is hosted via AWS.

Environments

Coinbase Derivatives operates the following environments:

Production
Disaster Recovery (DR)
Integration (Production Parallel / UAT environment)

Connectivity Protocols

Type	Protocol	Integration Internet Connection	Production Internet Connection	Links
Order Entry	FIX 4.4	Available	Available	FIX Order Entry
Market Data	FIX 4.4	Available	Available	FIX Market Data
Order Entry	SBE	Available	Cross Connect Only	SBE Order Entry
Market Data	UDP	Cross Connect Only	Cross Connect Only	UDP Market Data
Drop Copy	FIX 4.4	Available	Available	FIX Drop Copy
REST Gateway	HTTPS	Available	Available	REST API

See the Runbook for information on the FIX API gateways.

Coinbase Derivatives Points of Presence

Environment	Physical Location	Types of Connectivity available
Production	Equinix CH4	Cross Connect, AWS PrivateLink, Internet.
Disaster Recovery	Equinix NY5	Cross Connect, AWS PrivateLink, Internet.
Integration	Equinix NY5	Cross Connect, AWS PrivateLink, Internet.

Connectivity via Cross Connect

Coinbase Derivatives Exchange (CDE) participants can establish cross-connects in the facilities detailed under CDE Locations.

Multicast connection using the BGP routing protocol with PIM

How to Connect

Contact the CDE team about establishing a private co-located fiber connection.
The CDE team will: a. Issue a letter of authorization (LOA) allowing you, the participant, to connect into CDE equipment.
Each fiber connects to physical equipment that is completely redundant from the other connections.
b. Assign 2 IP address per side:
- 1 address range for BGP peering.
- 1 address range for connecting to CDE that is advertised by the participant.
c. Assign a private ASN for BGP peering. Participants can use a public ASN as long as it is owned by them.
Configure BGP with all parameters provided by CDE.
Optionally, configure PIM and RP addresses to receive multicast market data. RP Addresses for each connection are provided by CDE.

Connectivity via Internet

Clients may connect to select Coinbase Derivatives APIs via the internet. This solution is recommended for testing or non-latency sensitive systems. Please note that Coinbase Derivatives only accepts SSL/TLS1 encrypted connections for internet-based connections. See IP Addressing section for target host names. Clients are encouraged to whitelist both Production and DR public addresses on their firewalls.

SSL/TLS Details

Preferred: TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
Accepted: TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
Accepted: TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
Accepted: TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
Accepted: TLSv1.2 128 bits AES128-GCM-SHA256
Accepted: TLSv1.2 128 bits AES128-SHA256
Accepted: TLSv1.2 256 bits AES256-GCM-SHA384
Accepted: TLSv1.2 256 bits AES256-SHA256

Connectivity via AWS PrivateLink

Clients may connect to Coinbase Derivatives Exchange via AWS PrivateLink. This allows for some of the benefits of private connectivity without having to cross connect directly in the datacenter. Private connectivity via AWS PrivateLink offers reduced latency and a more stable connection when compared to the Public Internet. It should be noted that for the lowest latency and most stable connection possible, Colocation Cross Connects are still recommended. Each PrivateLink has multiple availability zones and regions that are supported. However, for the most optimal results using the primary region and availability zone is recommended.

Production Connectivity

PrivateLink offering in AWS Region US-EAST-2 and US-EAST-1
Service Name: com.amazonaws.vpce.us-east-2.vpce-svc-01bf36c2a63eaf006
Availability Zones supported:
- az1 (Primary)
- az2
- az3

Disaster Recovery Connectivity

PrivateLink offering in AWS Region US-EAST-1 and US-EAST-2
Service Name: com.amazonaws.vpce.us-east-1.vpce-svc-0051aaaf1479eae00
Availability Zones supported:
- az2 (Primary)
- az4
- az6

Integration Connectivity

PrivateLink offering in AWS Region US-EAST-1 and US-EAST-2
Service Name: com.amazonaws.vpce.us-east-1.vpce-svc-0766c510bc2c236a8
Availability Zones supported:
- az1
- az4 (Primary)
- az6

To configure PrivateLink, send your AWS Account ID to derivatives@coinbase.com so that it may be authorized. Once authorized, you’ll see the service name in your console.

IP Addressing

Cross Connect Unicast Networks

Environment	A Feed Subnet	B Feed Subnet
Production	208.52.130.0/27	208.52.130.32/27
Disaster Recovery	208.52.130.64/27	208.52.130.96/27
Integration	208.52.130.128/27	208.52.130.160/27

Cross Connect Multicast Networks

Environment	A Feed Subnet	B Feed Subnet
Production	233.246.250.0/27	233.246.250.32/27
Disaster Recovery	233.246.250.64/27	233.246.250.96/27
Integration	233.246.250.128/27	233.246.250.160/27

Cross Connect Multicast RPs

Environment	A Feed RP	B Feed RP
Production	208.52.130.16	208.52.130.48
Disaster Recovery	208.52.130.80	208.52.130.112
Integration	208.52.130.144	208.52.130.176

Production

Service	A Feed	B Feed	Internet Host Name	Port	Protocol
SBE Order	208.52.130.17	208.52.130.49	N/A	6210	TCP
FIX Market Data	208.52.130.18	208.52.130.50	fix-marketdata.exchange.fairx.net	6120	TCP
SBE Market Data Retransmit Equity	208.52.130.19	208.52.130.51	N/A	6220	UDP
SBE Market Data Retransmit Non-Equity	208.52.130.19	208.52.130.51	N/A	6221	UDP
SBE Market Data Incremental Equity	233.246.250.17	233.246.250.39	N/A	6222	Multicast
SBE Market Data Snapshot Equity	233.246.250.18	233.246.250.40	N/A	6224	Multicast
SBE Market Data Incremental Non-Equity	233.246.250.19	233.246.250.41	N/A	6223	Multicast
SBE Market Data Snapshot Non-Equity	233.246.250.20	233.246.250.42	N/A	6225	Multicast
FIX Order	208.52.130.20	208.52.130.52	fix-orders.exchange.fairx.net	6110	TCP
FIX Drop Copy	208.52.130.23	208.52.130.55	fix-drop-copy.exchange.fairx.net	6130	TCP
REST Gateway			api.exchange.fairx.net	N/A	HTTPS

Disaster Recovery

Service	A Feed	B Feed	Internet Host Name	Port	Protocol
SBE Order	208.52.130.81	208.52.130.113	N/A	6210	TCP
FIX Market Data	208.52.130.82	208.52.130.114	fix-marketdata.exchange-dr.fairx.net	6120	TCP
SBE Market Data Retransmit Equity	208.52.130.83	208.52.130.115	N/A	6220	UDP
SBE Market Data Retransmit Non-Equity	208.52.130.83	208.52.130.115	N/A	6221	UDP
SBE Market Data Incremental Equity	233.246.250.81	233.246.250.103	N/A	6222	Multicast
SBE Market Data Snapshot Equity	233.246.250.82	233.246.250.104	N/A	6224	Multicast
SBE Market Data Incremental Non-Equity	233.246.250.83	233.246.250.105	N/A	6223	Multicast
SBE Market Data Snapshot Non-Equity	233.246.250.84	233.246.250.106	N/A	6225	Multicast
FIX Order	208.52.130.84	208.52.130.116	fix-orders.exchange-dr.fairx.net	6110	TCP
FIX Drop Copy	208.52.130.87	208.52.130.119	fix-drop-copy.exchange-dr.fairx.net	6130	TCP
REST Gateway			api.exchange-dr.fairx.net	N/A	HTTPS

Integration

Service	A Feed	B Feed	Internet Host Name	Port	Protocol
SBE Order	208.52.130.135	208.52.130.167	sbe-orders.integration.fairx.net	5210	TCP
FIX Market Data	208.52.130.136	208.52.130.168	fix-marketdata.integration.fairx.net	5120	TCP
SBE Market Data Retransmit Equity	208.52.130.137	208.52.130.169	N/A	5220	UDP
SBE Market Data Retransmit Non-Equity	208.52.130.137	208.52.130.169	N/A	5221	UDP
SBE Market Data Incremental Equity	233.246.250.135	233.246.250.167	N/A	5222	Multicast
SBE Market Data Snapshot Equity	233.246.250.136	233.246.250.168	N/A	5224	Multicast
SBE Market Data Incremental Non-Equity	233.246.250.137	233.246.250.169	N/A	5223	Multicast
SBE Market Data Snapshot Non-Equity	233.246.250.138	233.246.250.170	N/A	5225	Multicast
FIX Order	208.52.130.138	208.52.130.170	fix-orders.integration.fairx.net	5110	TCP
FIX Drop Copy	N/A	N/A	fix-drop-copy.integration.fairx.net	6130	TCP
REST Gateway			api.integration.fairx.net	N/A	HTTPS

UDP Multicast Market Data Channel IDs

Product Group	Channel ID
Equities	0xaf31
Non Equities	0xaf32

GET STARTED

WALLETS

PAYMENTS

TRADING

BASE TOOLS

DATA

AI

STAKING

FAUCET

CONSUMER APIS

BUSINESS APIS

INSTITUTIONAL APIS

Data Center Locations

Environments

Connectivity Protocols

Coinbase Derivatives Points of Presence

Connectivity via Cross Connect

How to Connect

Connectivity via Internet

SSL/TLS Details

Connectivity via AWS PrivateLink

Production Connectivity

Disaster Recovery Connectivity

Integration Connectivity

IP Addressing

Cross Connect Unicast Networks

Cross Connect Multicast Networks

Cross Connect Multicast RPs

Production

Disaster Recovery

Integration

UDP Multicast Market Data Channel IDs

GET STARTED

WALLETS

PAYMENTS

TRADING

BASE TOOLS

DATA

AI

STAKING

FAUCET

CONSUMER APIS

BUSINESS APIS

INSTITUTIONAL APIS

​Data Center Locations

​Environments

​Connectivity Protocols

​Coinbase Derivatives Points of Presence

​Connectivity via Cross Connect

​How to Connect

​Connectivity via Internet

​SSL/TLS Details

​Connectivity via AWS PrivateLink

​Production Connectivity

​Disaster Recovery Connectivity

​Integration Connectivity

​IP Addressing

​Cross Connect Unicast Networks

​Cross Connect Multicast Networks

​Cross Connect Multicast RPs

​Production

​Disaster Recovery

​Integration

​UDP Multicast Market Data Channel IDs

Data Center Locations

Environments

Connectivity Protocols

Coinbase Derivatives Points of Presence

Connectivity via Cross Connect

How to Connect

Connectivity via Internet

SSL/TLS Details

Connectivity via AWS PrivateLink

Production Connectivity

Disaster Recovery Connectivity

Integration Connectivity

IP Addressing

Cross Connect Unicast Networks

Cross Connect Multicast Networks

Cross Connect Multicast RPs

Production

Disaster Recovery

Integration

UDP Multicast Market Data Channel IDs