1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Fastnat Wan to Lan Throughput Question

Discussion in 'Tomato Firmware' started by InsaneNutter, Nov 17, 2013.

  1. InsaneNutter

    InsaneNutter Addicted to LI Member


    I have been reading on the forums about Fastnat, and how it essentially breaks QOS and Access Restrictions on Tomato at present. I then randomly read that if QOS is disabled and you have no access restrictions enabled Fastnat should be enabled.

    This appears to be the case with the Advanced Tomato 1.28.0000 MIPSR2-1.15.14 K26 USB AIO build i have just upgraded my Asus RT-N16 to.

    With access restrictions / QOS disabled:


    With access restrictions / QOS enabled:


    As can be seen i get another 18Mb/s throughput with what i presume is Fasatnat enabled, my connection is 120Mb so is been maxed out.

    Now to be perfectly honest i'm happy with 108Mb/s, its always been the upload speed i've wanted more of in recent years.

    My question:

    If at some point in the future i was to get an Asus RT-AC66U would the throughput be any better without Fastnat? i'm presuming its CPU dependant from what i've been reading here. I have no plans to get another router at present, i'm just curious.
  2. koitsu

    koitsu Network Guru Member

    How many speedtests did you run (for each configuration) before concluding what you did?
  3. Marcel Tunks

    Marcel Tunks Networkin' Nut Member

    I thought you had to run
    modprobe bcm_nat
    in order for it to be enabled...

    As koitsu implied, the difference in speed may be spurious or real. If it's real, it may have more to do with the QoS settings, CPU load, or factors other than fastnat (which may not even be loaded.)

    You should be able to max out your existing connection with Tomato on an AC66U.
  4. InsaneNutter

    InsaneNutter Addicted to LI Member

    I don't use QOS anyway, however i ran the speed test 5 times with access restrictions enabled and 5 times with them disabled and got the same result with 1mbps difference at the most.

    Here are some speed tests ive just done now.

    Access restrictions enabled:


    Access restrictions disabled:


    Is their anyway i can check and see if fast nat is enabled?
  5. darkknight93

    darkknight93 Networkin' Nut Member

    Run dmesg and you will See bcmfast nat loaded as Module. For example you can use dmesg | grep 'bcm'
  6. InsaneNutter

    InsaneNutter Addicted to LI Member

    It doesn't appear to be loaded when access restrictions are either on or off, well that ruins that theory.

    Strange how i can always get 125Mb/s with access restrictions off, however with them on the router is capped to around 108Mb/s.
  7. mstombs

    mstombs Network Guru Member

    Not so strange, just means CPU bottleneck when checking incoming messages against the iptables configured kernel netfilter tables/chains. Add in a pppoe wan and vpn connection, encrypted wifi link it will drop more!

    Always a battle getting optimum arrangement of iptables configured rules. You want to ACCEPT good packets as soon as possible, but often easier to DROP specific bad things first. Tomato has multiple linked chains which helps configuration but could introduce wasted CPU cycles when links empty.
    Marcel Tunks likes this.
  8. Toastman

    Toastman Super Moderator Staff Member Member

    We are trying to achieve high throughput with an underpowered device. Every little thing that you can turn off, all unnecessary bells and whistles, will impact performance, encryption included. Things will get better as we see faster processors in consumer grade routers, unfortunately many of the better choices will be ARM devices and not Broadcom. There are several people attempting to port Tomato to ARM devices now, but in the meantime, if you need high speeds, you have to turn off as many unnecessary processes as you can (only enable them when you need to use them). If possible, use cable LAN connection and turn off wifi (use an AP for that instead) ... simplify rules and access restrictions, etc...

    If you get to the point where you think you don't need any of tomato's features, then stick with the original firmware and use FASTNAT, will get you the best throughput.

Share This Page