Tomato Shibby E4200 WAN 100mbps limited?

Discussion in 'Tomato Firmware' started by Nelsoon, Feb 8, 2013.

  1. Nelsoon

    Nelsoon Serious Server Member


    This is my first post on this forum since this is the first time i'm stuck on a problem with tomato.
    Presently i run tomato-E4200USB-NVRAM60K-1.28.RT-N5x-MIPSR2-105-AIO but i tested RAF, toastman and other Shibby firmwares and it's the same in every case.

    My Internet connection is presently 300 down / 200 up, but i can't get it on tomato firmware. With original linksys firmware or directly connected to the Modem i get about 286/196 mbps. If i use Tomato i get no more than 96/58.

    I tested it in factory default configuration and also in factory default + CTF.
    Ethernet cables configuration didn't change between Original Linksys firmware and Tomato one.

    Can anyone help me on that or it's a problem with Tomato firmware in general?
    (Also take note the problem is only for WAN-LAN/WLAN while LAN-2-LAN is not affected)
  2. Victek

    Victek Network Guru Member

    Good morning Nelsoon, Did you tested with Tomato RAF? Here are my details (Sorry, I'll post later.. no space in my server).. how many streams or what type of stream is your target? In worst case RAF reach 117MBits/sec (with 6 streams) ..but as you see the sum exceeds by large the expectations... What version did you tested?, Any script or firewall rules? QoS activated?...

    Test made with default values, standard defaults.

  3. PetervdM

    PetervdM Network Guru Member

    you might check your wan cable, and try another one to rule out a faulty cable. gigabit connection requires at least a cat5e cable with 8 wires. if one of the wires 4,5,7 or 8 is broken or shortened your wan port falls back to 100Mb.
    download ( ) and copy the robocfg utility to your router, and make it executable. run "robocfg show". does port 4 show as 1000FD? if not you might check advanced, miscellaneous, wan speed, is it set to "auto"?
  4. Nelsoon

    Nelsoon Serious Server Member

    I did tests with the last version of RAF, of toastman and of Shibby.
    WLAN to LAN get me about 180mbps (with a 3stream wlan computer)

    The problem is when i'm going on the Internet, inside my LAN the speed is okay, is when i try to download at 300mbps i get only 96mbps from the same Server
    that allowed me to go to 286mbps. (All my tests are done on LAN ports (No WLAN)).


    Tests are made after a NVRAM erase and with only changes: Wifi Name, Wifi Security, and local network and with CTF activated if supported by the specific firmware.

    For RAF, i tried the that version: tomato-E4200USB-NVRAM60K-1.28.9013MIPSR2--RAF-VLAN-VPN-NOCAT and it is also almost the same speed.

    I didn't touch to cables because the Linksys Original Firmware is working correctly with the speed.

    "Switch: enabled gigabit
    Port 0: DOWN enabled stp: none vlan: 1 jumbo: on mac: 00:00:00:00:00:00
    Port 1: 1000FD enabled stp: none vlan: 1 jumbo: on mac: 00:00:00:00:00:00
    Port 2: 1000FD enabled stp: none vlan: 1 jumbo: on mac: 00:xx:xx:xx:xx:xx
    Port 3: 1000FD enabled stp: none vlan: 1 jumbo: on mac: 00:xx:xx:xx:xx:xx
    Port 4: 1000FD enabled stp: none vlan: 2 jumbo: on mac: c8:xx:xx:xx:xx:xx
    Port 8: 1000FD enabled stp: none vlan: 1 jumbo: on mac: c0:xx:xx:xx:xx:xx
    VLANs: BCM53115 enabled mac_check mac_hash
    1: vlan1: 0 1 2 3 8t
    2: vlan2: 4 8t
    3: vlan3: 8t"
  5. PetervdM

    PetervdM Network Guru Member

  6. koitsu

    koitsu Network Guru Member

    No, actually, it doesn't. This statement indicates you haven't actually had real-world experience with Ethernet switches -- I'm talking real switches, as in Cisco, Juniper, and ProCurve devices. :)

    The OP has provided absolutely no PHY information about the device he has the router attached to -- that device should be providing visual (or via a UI of some sort) what the negotiated PHY speed is which that attached device reports.

    There are absolutely devices out there that negotiate speed incorrectly even at gigE. Want proof? Take a look at the RT-N16 H/W Revision A1 when hooked up to a Motorola SB6120 H/W Revision 1.0 (read the full thread, do not skim it -- read it, as the answer is at the very end of the first page -- my posts on the 2nd page pertain to a different issue that is router-level and has to do with the behaviour of the switch vs. firmware behaviour). The two PHYs used in these products do not negotiate gigE correctly, resulting in 100mbit speed (in that example, the RT-N16 actually reports 100mbit, but the inverse situation could be true where the RT-N16 could report gigE while the attached device could believe 100mbit). Newer hardware revisions of the SB6120 (and thus the SB6121) negotiate the speed correctly. This is purely a PHY compatibility problem between two PHY vendors.

    This problem is greatly conflated by further complexities relating to PHY initialisation done at the kernel level (on both devices (i.e. router as well as whatever the router is attached to)). Sometimes the initialisation is done wrong, other times it's done right but the device on the other end has bugs/makes bad assumptions as to how to negotiate speed per 802.3ab standard.

    The OP needs to check both the router as well as whatever the router is attached to on the other end to see what it reports the negotiated PHY speed as. If he doesn't have access to that device, then he needs to talk to whoever does. If that cannot happen, the OP should try changing hardware (i.e. picking a completely different manufacturer and model of product. I would strongly suggest the RT-N16, as most of Linksys and Netgear's products tend to behave stupidly during PHY initialisation for whatever reason (probably PHY init driver idiocy)).

    TL;DR -- looking at one end of an Ethernet segment and saying "well that tells us what both ends think" is completely, 100%, wrong.
  7. Nelsoon

    Nelsoon Serious Server Member

    I will explain my setup: Optical Network terminal <---> ISP Router (Sagercom F@st 2864) <----> My router (E4200) <----> Desktop Computer

    When i connect my laptop on WAN of the E4200 and do LAN speedtests between my desktop and my laptop i have the same problem.

    Like i said since the first post if I flash FW_E4200_1.0.05.007_US_20120823_code.bin the original firmware my speed has no problem. How the Sagercom, my laptop and the Optical Network terminal be the problem (i tested all three on the WAN port of the E4200) when the Tomato firmware is flashed?

    By the way i don't have access to Ethernet Ports Speed in the Sagercom F@st 2864 webui.
  8. koitsu

    koitsu Network Guru Member

    I would suggest calling your ISP and asking them verify the speed of the port on the Sagercom F@st 2864 that connects to your WAN port. If they say 1000mbit or gigE then that's the best we can do.

    Does your laptop have a gigE port? Many laptops, even today, do not. Was gigE negotiated? Did you check both ends (the laptop and the router)?

    I would suggest installing iperf on your laptop and installing iperf on your router (available via Entware (do not use Optware)). Then issue an iperf test from the router directed at the laptop, save the results, then issue an iperf test from the laptop to the router and save the results. Yes, you need to test both ways. Test both TCP and UDP. How to use iperf:

    What I'm trying to determine is if the pps (packets-per-second) rate just happens to be maxing out at something that's below 100mbit by total chance (i.e. limited by CPU, packet forwarding, kernel, etc.) or if the actual Ethernet PHYs are actually operating internally at 100mbit. There is a huge world of difference.

    For "general messing about" options, I believe the stock Linksys firmware has the Broadcom-proprietary CTF feature enabled (read the user manual to see what it is), while this feature is default disabled in TomatoUSB citing problems (see 2nd page of this post). You can enable CTF on present-day TomatoUSB by doing the following in the CLI or under Tools/System:

    nvram show | grep ctf_

    The results should show something like ctf_disable=1 in which case you can try enabling CTF by doing the following:

    nvram set ctf_disable=0
    nvram commit

    Then reboot the router. I believe you can verify if CTF is enabled afterward by issuing lsmod and there should be a ctf kernel module listed somewhere (this is the proprietary closed-source Broadcom ctf driver). I will not be held responsible for problems you experience after doing this, or any other packet-related anomalies.

    Online docs even from Teddy Bear himself say to do ctf_enable=1 which is wrong -- I just looked at the source code. It's ctf_disable=0; the code checks to see if NVRAM variable ctf_disable is set to 1 and if it isn't then it calls modprobe("ctf").

    Otherwise, effectively the only way to diagnose this is through kernel profiling, and that's a task that requires a Linux kernel developer who is familiar with the underlying code. There is nobody in the TomatoUSB project at this time, that I know of, who can do this (the kernel cannot be upgraded or changed dramatically due to reliance on Broadcom's closed-source binary-blob wireless drivers).
  9. gfunkdave

    gfunkdave LI Guru Member

    Koitsu, he's saying that it works fine when using the real Linksys firmware and gets slow when switching to Tomato. It's clearly not a hardware problem.
    eahm likes this.
  10. PetervdM

    PetervdM Network Guru Member

    yes, in this case it does. the OP indicated that with stock FW he obtained speeds above 100Mb which is only possible when his equipment operates at gigabit speed. his hw didn't change, neither the sw of the modem. so they are no longer part of the equasion. that leaves tomato and it's settings, and there was always the possibility of tomato not initialising the E4200 switch right. the robocfg 1000FD report on port 4 proves the switch setting is right, so the link has to be right too.
    o, and don't worry about my experience with enterprise grade network equipment in my 25y career as a professional network administrator and engineer.
  11. Guzel

    Guzel Network Guru Member

    I have 1000/1000mbit internet . Whit my e4200 shibby 105 i get 188/153 mbit whit linksys fw 289/320mbit . I have rt-n56 l get 989/890mbit. Tomato dosent have FastNAT support . Have old 3500l whit teddy b beta-16 whit fastnat support but the qos dosent work 328/290mbit
    eduncan911 likes this.
  12. Nelsoon

    Nelsoon Serious Server Member

    My laptop do gigE negociated. I didn't install iperf. With ctf_disable=0 i don't see ctf loaded. In fact i'm not sure where is the binary to load it.

    Guzel, what firmware exactly are you running? Is-it the one with 5Ghz enabled?
  13. koitsu

    koitsu Network Guru Member

    Ah, I see the problem. ctf_disable=0 does in fact work correctly, however the actual ctf module (should be named ctf.ko) module is not included in any of the firmwares, so the modprobe() call never actually loads anything (which is why you don't see it in lsmod). So it seems the firmware authors have chosen to completely remove ctf.ko from the firmware image (meaning find / -name "*ctf*" won't return anything), although it does exist in the git/source repo:

    drwxr-xr-x   3 jdc      jdc          4096 Nov 12 21:50 ./release/src-rt/ctf
    -rw-r--r--   1 jdc      jdc        276680 Nov 12 21:50 ./release/src-rt/ctf/linux/ctf.o
    drwxr-xr-x   2 jdc      jdc          4096 Nov 12 21:50 ./release/src-rt/linux/linux-2.6/drivers/net/ctf
    -rw-r--r--   1 jdc      jdc           624 Nov 12 21:50 ./release/src-rt/linux/linux-2.6/drivers/net/ctf/
    drwxr-xr-x   2 jdc      jdc          4096 Nov 12 21:50 ./release/src-rt/include/ctf
    -rw-r--r--   1 jdc      jdc          7783 Nov 12 21:50 ./release/src-rt/include/ctf/hndctf.h
    The code for making the .o (not .ko) appears to live in tomato/release/src-rt/linux/linux-2.6/drivers/net/ctf. You're free to look at the Makefile and if you want to see what's what. Remember: this is purely Broadcom proprietary.

    Now, fastnat -- because it's been mentioned -- is something completely different / unrelated to ctf. You can see if fastnat is enabled by doing:

    cat /proc/sys/net/ipv4/netfilter/ip_conntrack_fastnat

    A value of 1 means it's enabled, a value of 0 means its disabled. fastnat, at least on some Toastman builds (not sure about Shibby), is enabled by default unless you enable/use QoS, Access Restriction, or the Web Monitor capabilities -- the instant you use of those, fastnat is disabled (and must be -- there is a long thread on's forum about this problem).

    If doing the above results in a "No such file or directory" error, then that means your firmware's kernel was not build with fastnat support. I can assure you that firmware tomato-K26USB-1.28.0501.2MIPSR2Toastman-RT-N-Ext.trx does have fastnat capability. CTF, on the other hand, isn't present (as described above).

    Overall, my recommendation at this point: if the stock firmware provides you the speed you require/need then I would recommend you run that.
  14. eahm

    eahm LI Guru Member

    Which routers does your provider offer for 1000/1000?
  15. Guzel

    Guzel Network Guru Member

  16. eahm

    eahm LI Guru Member

    I understand you can use whatever you want, I just wanted to know which brand and model your provider trusts.
  17. Mihai Olimpiu-Cristian

    Mihai Olimpiu-Cristian Networkin' Nut Member

    Sorry to bring this up from the grave, but this is a very interesting discussion, as more and more ISP's provide GIGABIT internet at affordable prices... I was very interested how the heck Linksys E4200 managed a WAN to LAN speed of 600 mbps when the best comparable router, the ASUS N-16 managed with the same CPU only 160 mbps.
    I don't have the possibility to test the CTF module in Shibby (it's included in the extras archive) as 50 mbps it's enough for me even if I have the possibility to get 1000mbps at double the price.
    I have enabled BCM_NAT tough without too much improvement again as my link-speed is enough for me...

    This should be studied further, as a simple line could be the difference in buying a new router or disabling some not so popular options but gaining some very important speed.

    I've seen this as the primary reason to buy a new router, but how many of you need a new one if this possibly provides speed in excess of 500 mbps on older Broadcom hardware?

    Later Edit: I've seen this is discussed a lot in older threads, and has been deemed incompatible with tomato, just for the fun of it I loaded the module from extras and will test it for a while...
    Last edited: Mar 10, 2014
  18. eduncan911

    eduncan911 Reformed Router Member

    And I am bumping this as well because I am sitting on 150/65 and not getting these speeds with WRT610N V2 (with DD-WRT). I am currently setting up an E4200 with Shibby's TomatoUSB v120 to give it a go.

    Mentioned above, CTF is included in the Extras archive? Aiight, I'll try to give that a shot (if I can figure out how to install the extras).

    I plan on upgrading to 300/150 as soon as I can lick this.

    If all else fails, I do plan on an R7000 purchase - hopefully that will work with TomatoUSB.
  19. eduncan911

    eduncan911 Reformed Router Member

    Got TomatoUSB Shibby v120 loaded. No QoS, Access Restriction, or the Web Monitor capabilities enabled.

    Tried to enable "ctf.ko" from the extras, and the router reboots. I put the script (listed below) into the "Run after mounting" for the USB stick, and the router constantly reboots (bootloop). It's AWOL and I cannot connect fast enough to fix it. For now, i jsut yanked the USB stick and it let me back into the router (cause the script doesn't run now).

    So, CTF is not supported with Shibby v120? At least, on my E4200 it isn't working.

    * Static IP address
    * Basic NAT with custom DDNS settings (DNS hostnames really, some loopback and resolution configs)
    * Port forwarding

    ...and that's it. I did "nvram set ctf_disable=0" and "nvram commit".

    Some background...

    My Verizon FiOS is: 150/65

    My old Linksys WRT54G v3.1 running Tomato v1.25 was only able to manage 35/25 speeds.

    With TomatoUSB Shibby v120, with just the above configs, I can now get 90/40. Still a far cry from my max speed (tested with 5 different "speed test" services - all are exactly the same!).

    Sticking the stock Atheros Verizon FiOS router on, I get a solid 158/74 from all 5 speed test services. So, I do have the bandwidth, and the speed test sites do work. It is TomatoUSB that is slowing down.

    Broadcom's CTF

    So, I figured out how to install the "extras" with some hints from here (though, it didn't work exactly as said in that old thread).

    Here's a mini How To to get the extras loaded below (e.g. to enable "ctf") that hopefully will help others out that run across wanting to install extras. There is a lot of extras. I wish there was a list of what they all were (I can figure out ipsec, usb1 and some).

    Step 1) Stick in a USB stick. Yep, you need one to store the files. You will have to leave it here, so pick one to stay. Tip: Format it on your Windows/Linux machine first, and NAME the partition something you know.

    Step 2) SSH/Telnet to your router's IP address and login. Tip: Windows 7/8 doesn't come with Telnet out of the box, but you can install it from the Program and Features menu and "Add/Remove Features" options. Personally, I use good old PuTTY.

    Step 3) Enable CTF (to get it ready to load the module?) by entering the commands below once you log into the terminal (without the "# " hash).

    # nvram set ctf_disable=0
    # nvram commit
    # reboot

    Step 4) Find your USB stick's mount.

    With TomatoUSB Shibby v120, the USB mounts to the following as default:


    I formatted my 16GB USB stick in Windows using FAT32, and named it "USB_16GB". Therefore, my path was:


    I'll be referring to this path going forward. If you can't figure it out, you can either browse your TomatoUSB config site normally and go to USB and NAS, and it will list your USB stick mounted at the very bottom under Attached Devices, and the exact path will be listed there.

    Step 5a) Change directory to it, wget the extras for your build, unzip it.

    # cd /tmp/mnt/USB_16GB
    # mkdir extras
    # wget
    # tar xvzf extras-mips2.tar.gz

    * Note that the above gets the extras for build 120 for E4200. Make sure to get the extras specifically for your build of where you downloaded the firmware from.

    ** Also note that the last un-tar command did not work for me! It should have, but I kept getting a file error. So, this is what I did:

    Step 5b) Download to local machine. I used Windows, doesn't matter.

    I then used 7-Zip to un-gzip the file. Then I used 7-Zip again to un-tar the file.

    Now you should have a large list of files.

    I then took the USB_16GB stick from the router, put it into my Windows machine, copied the files and directories manually, removed the stick and put it back into the router.

    You should now have a list of files (aka mods) ready to install.

    Step 6) Log in and install the CTF mod!

    # cd /tmp/mnt/USB_16GB/extras
    # insmod cft

    * Do note that my directory I created was called "extras" and I copied the files I un-tarred from my Windows machine directly into it.

    That's it... But now the router instantly reboots. After rebooting, I then ran:

    # lsmod | grep ctf

    And it returned nothing. So, it is NOT loaded.

    I then made the stupid mistake of putting the command into the "Run after mounting", and now the router constantly reboots. The command I entered (specific to my path) was:

    insmod /tmp/mnt/USB_16GB/extras/ctf

    I saved my changes, and then rebooted the router.

    The router was lost... It constantly bootloops (reboots). Pinging it returned 30 "no response", with maybe 1 "response" before it rebooted again.

    I removed the USB stick, and power cycled the router. The router came back up normally (cause the script cannot run to load the ctf module.

    I believe I did everything right. Some parting thoughts (cause I have no more time to spend on this):

    * Should I even set nvram ctf_disabled=0? Maybe I should set it back to "1" and try to load the module then, to see if lsmod shows it?

    * Should my script first "change directory" to the /tmp/mnt/USB_16GB/extras first? And then attempt to insmod? (maybe there are supported files that insmod is expecting?)

    * I'll try to load up the factory defaults on the Linksys E4200 to test. I was given this router, and have been running Tomato for so long on my old router, I just wanted to load it straight outta the box.

    Didn't even think about running stock firmware to test first.
  20. eduncan911

    eduncan911 Reformed Router Member

    As a small update: I've upgraded my FiOS to 150 / 150 and achieve 165 / 148 when using the OEM FiOS router. When I disable wireless on the E4200 w/Shibby v120, and have nothing but DHCP and Gateway enabled, I can now achieve 120 / 110 speeds - a pretty decent improvement (but not the 165/148 I get with other routers).
  21. Stormdrain

    Stormdrain Network Newbie Member

    Seems to be a problem among many brands that use tomato firmware(Asus, Linksys, Tenda, etc). My current connection is 200/20. But on Tenda the most I can get is 160/20. But with same setup and wires I can get my full connection on modem alone. Plus I can get my full connection when using my old Netgear WNDR3700v1.
    Arris TG1627 (bridge mode) 200/20
    Netgear WNDR3700v1 (stock firmware) 200/20
    Tenda W1800R (tomato v119 Shibby) 160/20
  22. Annita

    Annita Networkin' Nut Member

    Hi all,
    Any news on this one? I now have a 300/30 Mbps connection and all I can get with my E4200v1 with Shibby v130 is 120/30... :(
  23. LanceMoreland

    LanceMoreland Network Guru Member

    When I was running an E4200 v1 as a main router, about all I could get through it was about the same as you with OpenVPN set up on it. With OpenVPN disabled (reducing overhead) I could get slightly more. That is about the max the cpu can handle. I am now using an ARM based router and can now max out my internet connection. I use the E4200's as access points now.
  24. eduncan911

    eduncan911 Reformed Router Member

    @Annita Nope, no update. Tomato just isn't as efficent as the POS OEM firmware (and who wants to run that!).

    Personally, I built an 8-core Atom router running Arch Linux LTS. I upgraded to 500 Mbps / 500 Mbps (yes, you read that right) and barely found someone on a Gigabit connection that was finally able to max out my upload around 430 Mbps. Download, oh yeah... 540 Mbps baby...

    My Tomato Shibby E4200 router? Sadly, I flashed it back to OEM firmware and re-enabled the wireless - using it as one of 3 access points I have on my home network (same SSIDs, all on different channels of course). 2x E4200s, 1x WRT610N. Any version of custom firmware with these routers just locks up the router after a few weeks, or a month or two.

    Original firmware, no lockups (and I've tried a lot.. a LOT of custom firmwares).

    TL;DR So basically I gave up on custom firmware, setup my own Linux-based router and just run my routers as Access Points throughout the house.

    Our connections down the street and around our house has never been stronger, on all devices, on all levels.

    Oh, and that 8-core Atom router? 13W idle and pulls 29W from the wall under full load! :)
  25. aztech

    aztech Serious Server Member

    I have no issues what so ever with my E4200 and 100/100 fiber connection. I was on Shibby 116 for the last year or so and this week updated to 131.

    No lookups even when using several torrents with hundreds of simultanius connections.

    I really can't complain on this hardware, it's great considering the age and specs of the device.

    Skickas från min iPhone via Tapatalk
  26. Annita

    Annita Networkin' Nut Member

    If Tomato can't handle the connection, then I guess it's time for a change of router... Athough I was very happy with my E4200v1 but I also want to use the full power of my connection speed. When you say: ""People have just basically upgraded to the 1 Ghz routers and continue to live with the inefficiencies." Which will be today's best router without spending crazy money (around $150)?? Netgear R7000 or Asus RT-AC68U?
    Will they work on a 300/30 connection with Tomato or with stock firmware??

    So you built a 8-core Atom router yourself? How did you do it? Which firmware are you using? Estimated cost?
    Last edited: Aug 10, 2015
  27. eduncan911

    eduncan911 Reformed Router Member

    When I looked at buying a new router at 1 Ghz, dual core, etc, Tomato wasn't taking full advantage to the dual cores, Tomato releases from Shiby and others are slim to none, not knowing the diffs, security patches very slow to be released (I am still not sure that Heatbleed was ever patched in Tomato!).

    Also, there are quite a few security exploits for these routers, OEM firmware especially but also in Tomato (there's been many, and I am sure there are many undocumented). It was time to take matters into my own hands.

    At the same time, I was moving from Windoze to Debian/Ubuntu as my primary development machine. So, I setup a Debian router on an old PC.

    Then came the need to lower the footprint and make it more power efficient. At this time, I had already moved onto Arch Linux as my main distro and absolutely fell in love with the "knowing every square inch" of my entire distro, besides always have the latest security fixes within hours of fix (Arch linux was the fastest to fix heatbleed, with an to all related services released within hours of the official OpenSSL fix: then a simple "pacman -Syu" and I was done).

    This year, contracting has been very good so I decided to up my connection from 150/150 to 500/500. I was sad to not be using my entire 150/150 for about a year, basically wasting 30 Mbps/mo cause my E4200v1 would not keep up with it that it was time for a change...

    Enter this bad boy:
    and this one:

    The difference between the C2750 and C2758 is that the C2758 has additional encryption instructions on the chip, greatly increasing OpenSSL (e.g. OpenVPN) speeds native to the hardware instead of relying on software to do it. It requires a Linux kernel patch (sorry Windoze) and a custom OpenSSL build to utilize it. I haven't gone that far yet. In contrast, the C2750 has "turbo" that boosts 0.2 Ghz higher if you really need more speed out of this monster.


    Atom 8-core 2.4 Ghz (2.6 Ghz tubro on the C2750).
    4x Gigabit LAN on PCIe (much lower CPU overhead!)
    ECC ram only (ouch $$$)

    The extremely low power usage is just insane for all this!

    Waaaaaaaay waaaaay overkill for a router though. There are much cheaper dual and quad core Atoms you can get. Again, just start with an old Core 2 Duo or something with at least 1.2 Ghz or higher. Way more than anyone needs. My personal needs is "flexibility" as I am just built that way... Down the road, I may setup some VMs on it, or some Docker containers to deploy some websites. Who knows. It's actually a pretty damn good Plex Media Server as well, able to handle 2 to 3 streams at the same time.

    Now, once you have some hardware, pick a Linux distro of choice. There are several pre-built Router distros:

    * pfsense
    * Alpine Linux

    And others. The two above are specifically built to be a Router Linux setup, dirt easy.

    But me? I'm now an Arch Linux guru... With Arch, you build your Linux from scratch - knowing every single service, config file and open port your system has because frankly you were forced to configure it. And I mean quite literally from scratch: you install bash and start from there. You carefully pick what service you want, which will not work from a simple install: requires configuration. And then, it won't start automatically, requires adding to a daemon (systemctl). And even then you have to edit your firewall to even allow it.

    I do not recommend Arch to anyone, unless you are already lightly familiar with Linux and ahve a month to kill in reading docs. The documentation is fantastic. Instead of reading 1000s of forum posts, page after page, and posting for help, the Arch wiki is like no other: there's a page and a hack for everything, fully documented, and kept up to date. And yes, there are "Arch as a Router" pages as well. It's one of the things that drove me to Arch, because I found myself constantly fixing Debian and Ubuntu installs, and the only fixes were in Arch Wikis.

    I am missing quite a few things... I don't have a web gui, so editing is always a PITA. I don't have a bandwidth monitor as I haven't found one that I am happy with (the closest is one that exposes data on a bus, and I need to write a daemon to record data from that bus - not ready to spend that time yet, maybe one day in GoLang as a side-project). But that's fun I can have later, expanding it. I have considered writing my own little secure API to control these things; but even then, I know that's an issue as the very nature of such an API will need to run as root. There are some tricks, like running a backend service on a bus that the API could talk to. THat way, if the API is exploited, they only have rights that the user the API is running under. But even then, they will have access to that bus. So, I am not even happy running an API on my internal network!


    Sorry for the long post... My point is you can setup your own PC to be your router without much effort, and have full control over your system. Most won't go that route though and find a $250 piece of equipment running Tomato just fine.

    I came from a long line of WRT54G devices and DD-WRT and loved Tomato back then (I still have my WRT54G v3.1, the one everyone loves, and will not sell it). These branches of current Tomato, and not being open source, and slow updates and unknown security audits just worries me these days. But that's just me.
    cloneman likes this.
  28. jerrm

    jerrm Network Guru Member

    Don't make careless remarks and start unsubstantiated rumors when you don't know what you are talking about. Heartbleed fixes were posted by @Toastman and @shibby20 within a few days of the CVE release. IIRC, less than a week for both. Not as fast as some other distros, but they can't just update a single package and be done with it. Just the build time for shibby takes a couple of days for each release.

    OpenSSL has been updated at least half a dozen times since then as well.
  29. eduncan911

    eduncan911 Reformed Router Member

    I stated that because I have yet to find that exact information!

    And you actually proved a point I had as well: you have to follow 100s of pages and 1000s of posts to even "know" if something gets patched or not.

    Closed software without proper application life cycles, especially on something as critical as your home hardware router where you direct all of your financial/banking, personal and security - basically everything that makes up your personal and digital identities - are not subjected to the same open-source critic and review.

    I say that, as I AM a donor to Shibby as well as to the guy who originally created Tomato (at least I think it was Shibby I donated to, I know I donated twice: $50 each time over the past 10 years). I supported them!

    But these days, security trumps cool-firmware IMO.
  30. lancethepants

    lancethepants Network Guru Member

  31. jerrm

    jerrm Network Guru Member

    Ever bother to look at Shibby's changelog? One page. Can't get much simpler.

    If you want more technical detail, look at git.
  32. lancethepants

    lancethepants Network Guru Member

  33. lancethepants

    lancethepants Network Guru Member

    Also note, this is a tomato discussion forum, not the place to evangelize other platforms. There are other sub-forums here where you can discuss those things.
  34. Annita

    Annita Networkin' Nut Member

    My intention was not to evangelize other platforms, it was just a question to another user and asking advice on the piece of hardware (router) he is using and might be compatible with Tomato (specially if he's around and reading this topic...).
    I've finally bought a new router Netgear R7000 and trying it with original firmware, but thinking about installing Tomato (AdvancedTomato or Tomato Shibby) now that I read that Tomato supports Cut-Through Forwarding (CTF) so can be used with 300MBps connections....
  35. AndreDVJ

    AndreDVJ LI Guru Member

    The fastest router that Tomato supports is R7000. The maximum throughput with and without CTF was already stated by Shibby himself:

    If you need something even faster, then I would recommend that you craft your own combination of hardware/software.

    It's not a matter of evangelize a given platform. If Tomato can't meet your throughput requirements then you need to look into something else.

    Tomato is free, and other router/firewalls distributions out there are also free as well, so there's no pointing establishing any sort of competition here.
  36. Annita

    Annita Networkin' Nut Member

    Thanks AndreDVJ, the confirmation from Shibby is veeeeeeeeery good news (over 400Mbps DL without CTF and over 900Mbps DL with CTF)!!!! And I'm assuming that is already implemented in version 131? I might be missing something but couldn't find it in the change log.
  37. AndreDVJ

    AndreDVJ LI Guru Member

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice