Is there a tomato router that can do 300/10?

Discussion in 'Tomato Firmware' started by yalag, Jul 9, 2013.

  1. yalag

    yalag Reformed Router Member

    I just got a new cable connection and my old tomato router can only do 45Mbs. Is there one that can do 300? And if not, what custom firmware should I use? DD-WRT? Which router should I buy for maximum performance? Price is not the main concern.

    Thank you!
  2. Marcel Tunks

    Marcel Tunks Networkin' Nut Member

    The answer is no, for Tomato, dd-WRT, and OpenWRT on consumer hardware.

    N66U/N66R with RMerlin's asuswrt may work depending on the features you enable.

    Old x86 PC running a firewall/router distro like pfsense is your best bet. You can use your current router as wireless AP. Suggest digging out an old PC or laptop or checking the local classifieds.
  3. JAC70

    JAC70 Addicted to LI Member

    What IS the fastest Tomato build right now? I jumped from Victek to Toastman for USB HDD spindown under DLNA, but I lost 30Mbps doing so. :(
  4. Elfew

    Elfew Network Guru Member

    USB HDD spindown is not in Victek mod?

    Just enabled it under USB and NAS...

    BTW - there are a lot of optimalization in Victek firmware, I have the best results with his firmware on my 150/100Mbit internet connection with my RT-16n. I have about 135/95 Mbit after testing, so it is really good. (with modem from provider I have same results, so this is my max speed)
  5. JAC70

    JAC70 Addicted to LI Member

    It wasn't in the previous version, which is when I switched. Haven't tried his new one. Victek's old version gave me 160Mbps, though, so it looks like his new one has the same problem as Toastman's.
  6. Elfew

    Elfew Network Guru Member

    Yes it was... I have been using Victek build over 8months

    Anyway with N66u I can achieve about 180Mbit
  7. JAC70

    JAC70 Addicted to LI Member

    Sorry, I should have specified I was using Victek's .9007 build when I switched to Toastman for USB HDD spindown functionality.

    Anyhow, I'm trying Victek .9013 1.1w, and it has the same WAN speed decrease as Toastman, so I can only assume that Fast NAT is disabled in both builds.

    Anyone know how to reenable Fast NAT? I'm not using QoS or site blocking.
  8. Marcel Tunks

    Marcel Tunks Networkin' Nut Member

    CTF and fast NAT don't work with Tomato, dd-WRT, or OpenWRT. The CTF check box in the Tomato GUI doesn't do anything - AFAIK it's a relic from previous attempts to get CTF, netfilter, and other functions to play nicely together.
  9. JAC70

    JAC70 Addicted to LI Member

    I don't recall seeing or using a CTF check-box, so I'm assuming my loss of speed is because Fast NAT was enabled in Victek's .9007 build (circa 2011), but everyone has disabled it in recent builds due to it breaking features.
  10. Monk E. Boy

    Monk E. Boy Network Guru Member

    As I recall someone ran a test and it was disabled in ASUS's firmware on an RT-N66U once you enabled QoS. It's a pretty universal thing.

    It doesn't take a particularly beefy PC to push 300Mb around. You'd need something stronger than a netbook but less powerful than a normal desktop PC. And the willingness to experiment with sometimes cryptic install/setup procedures required by free firewall distributions (for the most part, these days, they're smooth sailing).
  11. Elfew

    Elfew Network Guru Member

  12. Victek

    Victek Network Guru Member

    Adding some information what Elfew pointed, yes, a mikrotik router average can do it... but if you look deeper at mikrotik specifications the hardware is less powerful than for instance RT-N16, so, what's the difference? If you try to apply same features as tomato have (access restriction rules, QoS, Traffic Shape...) then the WAN-LAN speed will be less than a router with Tomato. Just to give a hands up comment to avoid surprises... ;)
    Elfew and koitsu like this.
  13. Elfew

    Elfew Network Guru Member

    I agree. But everything is about optimalization. Mikrotik devices have "less powerful" hw but really.good fw.

    I think "we" can get higher dw or upl speed in Tomato with some.more optimalizations...

    And yes, when you need 300mbit you have to buy better hardware this purpose.
  14. phuque99

    phuque99 LI Guru Member

    This made me curious so I took out my spare Buffalo WZR-HP-G300NH router just to test routing speed. I used the following netcat pipe commands and avoided disk read write because single hard disk will not come close to 300Mbps.

    Sender: yes | nc 3343
    Receiver: nc -l 3343 > /dev/null

    There were no QoS or custom rules. The iptables handled only one thing, NAT. Average LAN-WAN and WAN-LAN routing speed turned out to be 265Mbps. The fastest peak was 269Mbps. This was measured by bmon and iftop on the router and iPulse on one of the Mac.

    The caveat is the Buffalo was running OpenWRT. What I noticed is almost 100% of CPU is consumed by kernel software interrupt daemon. So NAT routing speed is CPU bound and handled by the kernel. The Buffalo router has a 400 Mhz MIPS so I think the routing speed is limited by the CPU.

    I'm guessing that if you are able to find a faster CPU, you'll should get the required 300Mbps NAT routing speed. My Tomato router is the E3000 with a 480Mhz CPU. It is not much faster and will likely produce the same result. It's also my production router at home and taking it out from behind furniture to test is too much hassle.

    RT-N66U's CPU is rated at 600Mhz, so it might be able to hit 300Mbps or more.
  15. RMerlin

    RMerlin Network Guru Member

    An RT-N66U would have no problem hitting that... with HW acceleration enabled.

    Since Tomato cannot use HW acceleration (it would be incompatible with MANY of its features for starter), I don't see any Tomato router hitting 300 Mbits any time soon. Even a 800 MHz dual Cortex A9 RT-AC56U caps at about 240 Mbits if you disable HW acceleration, so that means that you won't get that kind of raw power from a Broadcom-based router for maybe another two years.

    Maybe a Ralink-based device might be able to, but then you will have to forget about Tomato as it does not support these SOCs.
    Victek likes this.
  16. phuque99

    phuque99 LI Guru Member

    Do you know what is this hardware acceleration? I'm not familiar with Asus routers.

    I was able to get 269Mbps with Linux kernel handling the routing alone. You don't think that a faster CPU with the same Linux iptables routing could break 300Mbps ceiling? OpenWRT and Tomato both uses iptables for NAT.
  17. RMerlin

    RMerlin Network Guru Member

    Same as in all Broadcom-based routers. They have a closed-source module called ctf (Cut-Through Forwarding) which does numerous optimizations - not all of them known since it's closed source. One of the things it does is bypass a good portion of Netfilter, which is why QOS for instance doesn't work with it. I suspect it also handles directly accessing the data in the Ethernet switch buffers, saving the CPU work that is usually handled by a softirq.
  18. Elfew

    Elfew Network Guru Member

    HW acceleration is the answer :)

    OK, I saw it in tomato 2 years ago, but it is not working... maybe for someone who need only high throughput it could be useful to fix this in Tomato... (I know, it breaks QoS, BW limiter, ...) but many users dont use them...

    I use BW limiter, so it is not for me, but I think there will be 300/300mbit internet connection in short time (now I can buy from provider only 150/150 but in bigger cities in our country people have higher speeds (200/200mbit, 250/250mbit etc.) so it is only matter of time...
  19. phuque99

    phuque99 LI Guru Member

    Following some discussion on compiler optimization, I recompiled the firmware and kernel with the following gcc flags:

    "-O2 -pipe -march=24kc -mtune=24kc"

    LAN-WAN routing performance improved to 275Mbps average and 279Mbps peak. I guess if you get a router with faster CPU and build with optimization specific to that CPU's MIPS architecture, you may hit or exceed 300Mbps.


    As it turned out, the yes command wasn't a good traffic generator, I repeated my routing tests with dd, and the results surprised me!
    $ dd if=/dev/zero bs=1024K count=5120 |nc 5555
    5120+0 records in
    5120+0 records out
    5368709120 bytes (5.4 GB) copied, 128.288 s, 41.8 MB/s

    41MB/s = 342Mbps. So there you have it, compiler optimization will likely break the 300Mbps barrier for you.
    Marcel Tunks likes this.
  20. koitsu

    koitsu Network Guru Member

    How is that test being done across LAN<->WAN? It looks to me like it's a LAN<->LAN test.

    If it's LAN<->WAN, then it means your router is in Router mode (not Gateway mode), and that also would invalidate the test -- packets in that case aren't going through the NAT layer, nor are they being forwarded.

    Edit: The answer is in this post, which I had not read.
  21. StrykerNL

    StrykerNL Serious Server Member

    RT-N66U with merlin's firmware works like a charm on a 300/300 FTTH connection for me ^_^
  22. phuque99

    phuque99 LI Guru Member

    Don't worry, I double checked. was the "WAN" static IP with port forwarding to the "LAN" IP I performed a litmus test of LAN-to-LAN transfer and found out that dd was way faster as benchmark. Just in case you're curious, this is my LAN-to-LAN:

    $ dd if=/dev/zero bs=1024K count=5120 |nc 5555
    5120+0 records in
    5120+0 records out
    5368709120 bytes (5.4 GB) copied, 87.2446 s, 61.5 MB/s
    I think the slow AMD E-350 CPU on one of the test machine is bottleneck that prevented me from achieving Gbit speed.

    If I have more time and motivation, I might pull out my furniture and contend with the dust to run more tests on the production E3000 machine. And I'll share my results if found ways to optimize it further on Tomato.
  23. RMerlin

    RMerlin Network Guru Member

    Best way to test throughput is to run iperf on both sides of the router (a PC plugged to WAN, and another plugged to LAN.
  24. phuque99

    phuque99 LI Guru Member

    Getting iperf installed on my Mac was too much trouble. I used what was readily available on the default OS. If dd+netcat was faster on switch than LAN-WAN routing, I think they served the goal.
  25. koitsu

    koitsu Network Guru Member

    Here's my real-world LAN-to-LAN test on an Asus RT-N16.

    Client: (Windows XP SP3, with some TCP stack tunings; Atheros 8161)
    Server: (icarus.home.lan; FreeBSD 9.2-STABLE; Intel 82573E)

    D:\>ftp icarus.home.lan
    Connected to icarus.home.lan.
    220 icarus.home.lan FTP server (Version 6.00LS) ready.
    User (icarus.home.lan:(none)): jdc
    331 Password required for jdc.
    230 User jdc logged in.
    ftp> cd /storage/CD_Images/FreeBSD/9.1-RELEASE
    250 CWD command successful.
    ftp> dir
    200 PORT command successful.
    150 Opening ASCII mode data connection for '/bin/ls'.
    total 1603352
    -rwxr--r--  1 storage  storage  153296896 Dec 31  2012 FreeBSD-9.1-RELEASE-amd64-bootonly.iso
    -rwxr--r--  1 storage  storage  718862336 Dec 31  2012 FreeBSD-9.1-RELEASE-amd64-disc1.iso
    -rwxr--r--  1 storage  storage  768925696 Dec 31  2012 FreeBSD-9.1-RELEASE-amd64-memstick.img
    226 Transfer complete.
    ftp: 297 bytes received in 0.00Seconds 297000.00Kbytes/sec.
    ftp> mget *.img
    200 Type set to I.
    mget FreeBSD-9.1-RELEASE-amd64-memstick.img? y
    200 PORT command successful.
    150 Opening BINARY mode data connection for 'FreeBSD-9.1-RELEASE-amd64-memstick.img' (768925696 bytes).
    226 Transfer complete.
    ftp: 768925696 bytes received in 8.20Seconds 93737.13Kbytes/sec.
    ftp> mget *.img
    200 Type set to I.
    mget FreeBSD-9.1-RELEASE-amd64-memstick.img? y
    200 PORT command successful.
    150 Opening BINARY mode data connection for 'FreeBSD-9.1-RELEASE-amd64-memstick.img' (768925696 bytes).
    226 Transfer complete.
    ftp: 768925696 bytes received in 7.73Seconds 99421.48Kbytes/sec.
    ftp> quit
    221 Goodbye.
    The reason the 2nd fetch is faster has to do with use of the ZFS ARC used on the machine (basically the entire 768MByte file gets cached in RAM on after the first get), but that's system administration stuff I'd rather not get into.

    I should also note that the two machines are, Ethernet-cable-length-wise, about 250 feet apart (nice long CAT6 run).

    So if you're only getting 60-some megabytes/sec across your LAN interfaces, its possible there's a disk or network stack or NIC driver or CPU bottleneck somewhere -- otherwise it's caused by the use of the Realtek RTL8366S (or possibly RTL8366RB) switching IC used by the WZR-HP-G300NH, which may not be as good as the BCM53115 used in the RT-N16. The reason I mention two Realtek switching ICs is because OpenWRT's site indicates that Buffalo has been changing the internal hardware around without changing the model/version number of the device (search for the word "bumping"); really hate it when vendors do that, ticks me off.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice