Slashdot Mirror
The London Stock Exchange Goes Down For Whole Day
Colin Smith writes "TradElect, the Microsoft .Net based trading platform for the London Stock Exchange, was offline for about seven hours, meaning that their 5-nines SLAs are shot for approximately the next 100 years. The TradElect system was launched back in June of 2007 and was designed for increased speed and system capacity."
...now if only my wife would do that! /rimshot!
most of the american stock exchanges have been going down all year.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0 is the magic number.
Assuming 8.5 hour trading day (0700-1530) and 250 trading days/year. Maybe a squirrel caused the problem ... ;-)
Hulk SMASH Celiac Disease
5 nines does not mean what you think it means.
So what happens when this happens again?
Ignore this signature. By order.
It was an ugly day of finger-pointing and near-fixes, but in the end, it just left all the financial firms standing there staring at the Exchange. Definitely was a big deal--and it seemed like a lot of volume spilled over to US markets, creating volume related issues here.
"Nature doesn't care how smart you are. You can still be wrong." - Richard Feynman
.... a method of controlling the market.
But Patch Tuesday is tomorrow?
Get your own free personal location tracker
Looks like someone needs to brush up on their buzzwords, specifically "mission critical" and "services no longer required".
"As God is my witness, I thought turkeys could fly." A. Carlson
Since when is 7 hours even close to "a whole day"? Maybe you meant "almost a whole business day"?
It's a whole trading day--and that's all that really matters when it comes to a major market.
"Nature doesn't care how smart you are. You can still be wrong." - Richard Feynman
I wish people would get into the habit of linking to the single page version of the FA.
The summary implies that TradElect was responsible for the shutdown, but according to the stock exchange itself, it wasn't the case. They say instead it was a network problem.
Agreed. It's a bit of flame-bait mentioning them in the summary when the exchange is being tight-lipped about what the root-cause is (if they even know at this point.) I do a lot of .NET stuff and, like other platforms eg. Java, there's many things that could cause problems, like plain old programming bugs.
$7.95/mo, 200 GB disk, 2TBxfer, MySQL, PHP, RoR.
Oh, she does... just not with you.
nudge nudge, wink wink.
Dedicated Cthulhu Cultist since 4523 BC.
"and was designed for increased speed and system capacity"
and see - it went down far faster and more completely than the previous system would have been able to. So that's progress. It's all in how you present it.
The exchange insists the problem was connectivity, not the trading platform.
Not to sound overly cynical, but I'd hardly expect them to acknowledge the problem if it were the trading platform that was the issue. That'd kind of be business suicide.
So their 9.9999% uptime is screwed?
proud caffeine whore
Perhaps the bit you're missing is that windows isn't quite as bad as the /. crowd likes to say it is. Especially if its an older (translation: fixed & stable) variety like win2k or even nt4.
I'm not sure if you're serious or not, but surely you aren't trying to compare NT4 uptime with the 5 9s of a solid System z platform?
Oh please. Persuasive marketers can get Windows installed just about anywhere including US war ships.
While it is commonly accepted by many techies (and strongly denied by others) that Microsoft Windows is not a suitable platform for that level of computing, sales people often bypass the techies who know better and sell to managers and executives who still believe "you can't get fired for using Microsoft."
With all this said, it will be quite some time (and possibly never) that we will ever know for certain what is at the root cause of the failure. You can be sure that Microsoft is all over this problem both technically and P.R.-wise. They won't let the facts get out if they are damaging. Recall the major power outage that many still believe was caused by a worm attacking Microsoft servers? As far as I can see, the true cause of that failure has yet to be revealed.
But if this was a planned event, or an unplanned disaster resulting from a planned event gone bad (updates, upgrade, other maintenance), you would think they would have provided for mishaps in some way or another.
But as this news story is all I have to go on, there is no indication of cause and so I will not presume this is a Microsoft problem. But it says a lot that NYSE runs on Linux and not Microsoft. It seems SOMEONE did listen to the techies.
After the malfunction, TradElect was immediately bought by UK's government for $200 billion and all its debts waved. In an unrelated story, medicare tax was raised yet again because of an unexpected shortfall.
.....I mean, there couldn't be any other possible cause for the problem.
Oh, she does... just not with you. nudge nudge, wink wink.
Your wife -- does she go?
More importantly, does she run?
More specifically, does she run Linux?
Ignore this signature. By order.
Does anyone else remember the "The london stock exchange chose windows 2003 for reliability, they didn't choose linux" ad banners that used to run all over the place, including slashdot if i remember?
Funny how it's all come crashing down...
"The london stock exchange chose windows, but after 7 hours of downtime wishes they had chosen linux".
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
"5-nines SLA"
I had to look this up, so I imagine other people didn't know it either (I thought was was a stock exchange term). First Google search result reveals the answer,
The Battle With "3 Nines" and The Goal of "5 Nines"
When I worked in academia I used to collaborate on a research project with a data architect from one of the major electronic exchanges. His whole shop is MS and .NET. I asked him why he didn't run Linux / Unix. He said that with competent guys the MS boxes had great uptime. Wall Street can afford to pay the top salaries so they attract guys who really know their stuff. Not just semi-competent people who managed to sit through an MSCE exam. [his words not mine]
Also he said support was crucial for his company. If something went down, he wanted to be able to call someone immediately. He couldn't afford to just post a question on a message board and hope someone replies. He wanted contracts with 3rd party support that had experience with similar huge enterprise systems that he had.
When I said there were companies who could provide excellent Linux support, he said his ass was on the line if something broke so he wanted to be able to justify his software choice to the the C-level guys. And those guys knew the name Microsoft. So he didn't see anything else as an option.
Wait! Are you suggesting that downtime can be caused by application problems, network problems, hardware problems, dumbass systems administrators and a whole slew of other things completed unrelated to the platform on which it is running?
I am *shocked*! *Shocked* I tell you!
My blog
The LSE going down is a big deal. The US exchanges have been trying very hard to displace LSE's strong hold in the EUROPEAN markets. With the merger of NYSE/Euronext and NASDAQ/OMX this cuts market share and faith in LSE as everyday passes. Additionally with continued tech issues, NASDAQ could reinvigorate their bid for LSE again! I work for a data major data vendor, and I know from experience the NYSE and NASDAQ are much more reliable than their European counterparts. Also LSE going down today is huge, considering the news on Fannie/Freddie, WAMU, Lehman, and the WRONG news on United Airlines. Many arbitrage opportunities were lost for LSE traders.
.NET garbage collector: "Oops, that wasn't garbage!"
'a';DROP TABLE users; SELECT * FROM DATA WHERE name LIKE '%'... if you're reading this, it didn't work.
Let me explain computers to you. See, the developer uses a set of platforms, languages, integration components, etc.. to deliver his functionality to the end user. A failure at any level can cause the application to fail. It could be application logic, network issues, hardware issues, integration with third party systems, a dipship systems administrator, etc...
And yet the 90-105 IQ SlashDweeb set comes out in numbers with no data and says "lolz Windoze! .NET haha!". Crikey.
Even if MS is able to make Windows good at what it is and generally reliable, what it is is not a high-SLA platform intended for mission critical systems, so there's really no excuse. I don't think NSA/CIA/DoD would say, "The security model of Windows isn't quite as bad as the /. crowd likes to say it is. Sure, we haven't reviewed it, but the IT guy says it will help us leverage synergy to effect better ROI."
You've seen the first scene of "four weddings and a funeral", surely?
Well, I'm a state employee, and I can tell you that a few 7 hour days in a row would outright kill me.
If you don't know what AltaVista is (was), get off my lawn.
No different then what can happen on a unix box I suppose.
Note that the current system is built around a large cluster of 2.2GHz servers, while the unix-based system it replaced (which coped perfectly happily with a substantial portion of the same traffic) ran from a smaller cluster of much slower servers.
The primary purpose for the new system, introduced less than a year ago, was to expand capacity. For it to have failed within a year due to lack of capacity basically means that it has failed in that objective.
In other words, he used the "no one ever got fired for buying IBM" defense.
President of Exchange: [Randolph Duke has just collapsed with shock] Mortimer, your brother is not well. We better call an ambulance.
Mortimer Duke: Fuck him! Now, you listen to me! I want trading reopened right now. Get those brokers back in here! Turn those machines back on!
[shouts - it echoes pathetically throughout the trading hall]
Mortimer Duke: Turn those machines back on!
"FDA staff reviewers expressed concern about the number of patients who were left out of the study because they died."
No, he'd waggle his arse .
A fanny would be a vagina in Britain.
Come on +5 informative!
"In the past six years, there have been no production outages at the London Stock Exchange, and the new systems running on Microsoft technologies are critical to maintaining this 100 per cent reliability record."
http://www.microsoft.com/casestudies/casestudy.aspx?casestudyid=200042
"XML is like violence. If it doesn't solve your problem, use more." - Anonymous Coward
yes, but how many times did they reboot it?
Oh, ye of lesser cynicism. I also, long ago, used to believe that language features could improve software reliability. Nowadays the idea just makes me cackle -- in actuality the universe just invents better idiots.
- "History shows again and again how nature points out the folly of men" -- Blue Oyster Cult, 'Godzilla'
The article here blames it on some sort of botched upgrade.
No, actually the Windows system (10 ms per transaction) was a 13x speedup over the older system (135 ms per transaction), followed quickly by an addiditonal 50% speedup (6 ms per transaction). The Windows system was just recently updated to double performance again (3 ms per transaction), so it's now 45 times as fast as the unix-based system it replaced.
You may be able to fault it on reliability (though the olde system wasn't perfect either), but you can't fault it on performance.
Socialism: a lie told by totalitarians and believed by fools.
Leaky abstractions (look it up, it is a good read). A lot of times for kitchen sink platforms like .Net and Java you get burned by the bugs buried in the underlying platform. If to many of these system are stacked it becomes really difficult to have any stability.
Of course it is very unlikely that MS achieves five 9s on any installation, let alone as an average.
Engineering is the art of compromise.
6.40K transactions/second ought to be enough for everyone.
I have discovered a truly marvelous proof of killer sig, which this margin is too narrow to contain.
Here: http://www.londonstockexchange.com/en-gb/products/membershiptrading/tradingservices/Incident/LIVE
Notice that there were several unsuccessful attempts to bring it back up.
What's really pitiful, LSE has just a fraction of data/trade volume of major US exchanges like Nasdaq or NYSE and still, their systems are regularly getting hosed, albeit not as much as today's meltdown.
Hopefully in coming years LSE will lose market share to Nasdaq/Europe, BATS/Europe, Chi-X and other electronic markets - that should teach them well.
I'm not sure I understand the distinction you're trying to draw,
Latency versus throughput. If the new system processed those serially while the old could handle 130 in parallel, then the old system would be 10x faster even though the new was 10x quicker.
but total transaction capacity of the system increased along the same lines.
Yes, after throwing massive amounts of hardware at the problem.
Dewey, what part of this looks like authorities should be involved?
No, but I can point to the New York Stock Exchange, which uses AIX and Linux.
GCHQ Quantum Insert installed. If only our tongues were made of glass, how much more careful we would be when we speak
>It's called redundancy. Yes, a single router will fail. 2 at once? Likely not. 3? No.
Saw triply redundant systems fail twice in my career as a net admin.
I'm willing to bet your life on the reliability of triple redundancy.
-fb Everything not expressly forbidden is now mandatory.
If she's down then who will do the dishes and laundry? How do you reboot her? Does it really take 7 hours? Don't they make drugs for that?
What.. what's a wife?
It's like a mother, but requires less therapy.
It goes from God, to Jerry, to me.
Why did the upgrade fail, I guess is what an intelligent person would ask. You haven't asked that. You've hilariously assumed it's .NET or Microsoft's fault.
As a matter of like for like, I'm going to assume it was because some Linux dweeb walked in and tripped over a network cable. Ergo, I now claim Linux dweebs are clumbsy oafs who should be banned from computer rooms.
It's about the same thing when people say that "XP does not crash, it's faulty device drivers that crash".
If a system should be reliable, then it should be reliable, no excuses accepted. It does not matter if it's system bugs, application bugs, hardware failures or power outages, a system that pretends to achieve 99.999% availability should take all that into account.
The operating system is not at fault if the power goes down, of course, it's a sloppy engineer that designs a system without redundant power supply. But, likewise, a sloppy engineer will prefer a system that lets him configure and operate it by click-and-drag, instead of a carefully designed and tested set of procedures.
A critical system should NEVER depend on an operating system that does not have a proper batch language. That should be a compact and powerful script language, using TEXT files for configuration that can be hand edited if needed, that can be stored and archived in a version control system, so that bugs can be tracked.
You have hit the nail right on the head.
I'd like to suggest another factor: Stability-conscious developers -- those that know about race conditions, memory leaks, atomic transactions, and the like -- tend to gravitate towards operating systems that make it easy to put their ideas into practice.
That isn't to say Windows is inherently unstable, it just means that it is more difficult to write a stable and reliable application on that platform. And even if you think you got all your bases covered, you can still get blindsided by depending on poorly written code churned out by some .NET developer who was happy enough to ship something that appeared to work most of the time.
The good developers then shrug and say Windows is not suitable for critical computing, and go back to UNIX-ish platforms or whatever they are more comfortable with. Rushing into that void are legions of Windows developers who are also happy enough to ship something that appeared to work most of the time, and the cycle continues.
I mean, that might be what they worked on, but it's kinda pointless; what's interesting is the # of transactions per second, and that can usually be improved at the expense of individual latency. For example, databases can be configured to wait a few milliseconds to group transactions, so as to write several to disk in one single write/sync.
Nick Illidge Financial Markets Sales Manager at Microsoft UK "We are delighted that the London Stock Exchange has selected the Windows platform to base a significant part of its business on. This is further evidence of the enterprise scalability of the Windows franchise. We see our relationship with the Exchange and Accenture as a strong partnership. The Exchange is bold in its technology vision, Accenture provides the capability to deliver this vision, and Microsoft is providing the core technology to help provide the business benefits that the Exchange is looking for."
David Lester CIO at the LSE says ... that the LSE "is the only exchange in the world not to have had a single outage in six years."
"This is all about the question, 'How are we going to take over the world?'" says Lester, "... I believe this system -- because it's fast, agile and reliable -- will help us compete better. Our current system has to go down for four hours every evening to get ready for the next day's trading," he says. "The batch processing is '80s and '90s technology. You can't run a global market with a system that has to be down for four hours."
Here's a great factoid
Before joining the Exchange in 2001, David worked for Thomson Financial and Accenture.
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
IIRC, Brazil Bovespa had a small glitch last month or two.
Back in the day when Wall Street and financial markets ran on Solaris systems (AFAIK), this shit wasn't common.
Now it's probably going to become *acceptable* for stock exchanges and aviation reservation software to crash.
Apparently, there's a new generation of a-holes on the system administration markets who grew up with Windows and the Blue Screen of Death, that thinks it's acceptable for operating systems to crash, once in a while. Is it evolution?
Main difference between the BSD license and the GPL license: one is from California and the other is from Massachusetts
Oh, yes.. battery backed write cache. With batteries produced by the lowest bidder. The warranty is for 3 years, and the battery lasts just that long before silently failing. When the power goes, well you really didn't need that data written to disk on your database server, did you?
We now do not allow any server to be put into production with any kind of write cache on it. Ever.
"Be grateful for what you have. You may never know when you may lose it."
Ok, so here's the tally I've seen so far:
- LSE today (7 hours downtime)
- Ho Chi Minh City stock exchange (3 days downtime)
- Brazil futures, BM & F, aug 26, 2008 and Bovespa Nov, 30th, 2007.
that I've heard of.
It's incredible! This looks systemic and widespread.
I guess it's a great marketing achievement for Microsoft.
When will people in the financial sector wake up and learn they've been duped?
Main difference between the BSD license and the GPL license: one is from California and the other is from Massachusetts
Maybe he meant rim-job...
There are two rules for success:
1. Never tell everything you know.
That was the their first mistake. What were they thinking? You need a 3 highly available Unix clusters with three SANs. You need three to elect a quorum. If you don't know what a quorum is you shouldn't be attempting to design system that is supposed to deliver on a 5-nine SLA. Each geographic location should include 1 cluster and 1 SAN. All three locations networked with dark fiber. fiber routing should be set up so that a cluster can fail over to a SAN in another location. As far as Hardware is concerned, I would go with a cluster of IBM P6-570 and use an EMC Symmetrix DMX SAN at each site. .Net trading platform.. I have to laugh! Microsoft .net = 5.none SLA! .Net is only good for people who would like to create a light duty website. Under a load it breaks. The London Stock Exchange proves my point.
Who the heck designed this?
What.. what's a wife?
WIFE: Specialized form of WIFI, indicating one of two stations engaged in a (semi-)permanent point-to-point link, the other station typically called HUSBAND. Unsecured transmission often leads to packet loss 9 months after initial association, resulting in long-term elevated QoS requirements. Roaming is usually forbidden by link protocol, although experiments with mesh networks have been reported. DOS attacks often lead to severed links, litigation and possibly material and financial damages.
The Hacker's Guide To The Kernel: Don't panic()!
I've been the lead architect and/or senior programmer on a couple of futures and options exchange trading platforms (CBOT's Order Routing System, CBOE's CBOEdirect) and pay the bills currently by connecting firms to various electronic trading platforms. Hardly anyone uses Microsoft except for GUI/user-facing applications. The back-end stuff is almost always UNIX/Linux.
Off the top of my head, I know that all the LiffeConnect-based systems (London Financial Futures Exchange, EuroNext, Amsterdam, CBOT Metals Complex, Tokyo Futures Exchange, probably a couple of others) run on Linux (a relatively recent change from Sun boxen). NYSE now owns that codebase, and I'm pretty sure that the NYSE uses Linux and AIX on its own platform.
The Chicago Mercantile Exchange's GLOBEX trading engine (running CME, CBOT non-Metals, NYMEX plus a couple smaller exchanges like Minneapolis and Kansas City) platform runs on Linux. They migrated from Solaris to Red Hat back in 2004.
The Intercontinental Exchange's WebICE platform is written in Java and I believe it's running on Linux, but there may be some Solaris still around.
The CBOEdirect system is Java but runs mostly on Sun Enterprise hardware. There is some Linux in the mix, and they certainly use it on some of their other trading systems.
In the (futures and options) trading world, running on Windows servers is considered to be a sure sign of being bush-league. Demand for UNIX/Linux is huge. And I'm not saying this as a Java/UNIX/Linux snob - most of the systems I've written were Microsoft-based (for a variety of reasons - most started out as technology demonstrations that grew way beyond their intended lifespan - "the client's always right").
Based on this description, seems to me that "arbitrage" is a nice word for inserting yourself into a trade which has nothing to do with you for the purpose of bleeding both the seller and the buyer out of some profit without producing or contributing anything of value. Making it more difficult would make the actual productive parties in the trade better off, and likely help economy as a whole.
Or, to put it even more bluntly: arbitrage, as described by you, is a nicer name for parasitism.
Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
WTF did a moderator mark this as flamebait? The poster was right, HA is a) hard and b) expensive.
I designed some of the HA stuff many years ago for Eurex. We used OpenVMS and had two clusters (over 40Km apart) for the main and standby with the standby system also being used for development with a flick of a switch the standby cluster could take over in production. We had no SANs in those days but used Digital's Hierarchical Storage Controllers. These days it runs with SANs but the host systems still run VMS and there are now product specific clusters.
The next level down there are access points containing communications servers providing connectivity to member systems and routing to the hosts which are scattered around the globe. A member normally has connectivity to two access points. The only single point of failure for a member is where both lines come together for the last few metres into their building and some idiot digs a hole in the road.
See my journal, I write things there
I work in London as a freelancer in IT in Investment Banking. My professional experience was mostly with IT Products/Services companies.
Although I haven't worked in the LSE, from the places I've worked in around here I came out with the impression that most people in IT in this industry are amateurs (and that includes those in other geographical locations).
Any kind of more advanced IT concepts such as technical analysis, software/hardware architecture, iterative software development processes are pretty much either not done or done by people you don't have clue about what they're doing.
I'm hardly surprised with what happened in the LSE.
I have a feeling that the 'normal' IT situation was to blame for this.
Preamble: Technical Expertise provided a wonderful architecture that was HA and robust, fast, and scalable.
Bean Counters looked at the cost and said "You Tech guys spend too much money."
IT architects: "How much is your data worth?"
Bean Counters: "Not this much. Look we don't really need all of these systems. My home system has been working for 4 years with no problems. And I've talked with Microsoft Execs and they will cut us a deal for their platform. Now go away, I've just decided how the architecture will be done. Why did we hire you anyways?"
There are no loopholes. It's either legal or it's not.
Um, wrong - Ever heard of the Mono Project?
Mono provides the necessary software to develop and run .NET client and server applications on Linux, Solaris, Mac OS X, Windows, and Unix.
http://www.mono-project.com/
Glad you fell for Microsoft's marketing campaign. There is a reason they don't crush mono. It gives a illusion that there is choice. Name me