Tomato RAF Releases

Discussion in 'Tomato Firmware' started by Victek, Dec 28, 2012.

  1. Victek

    Victek Network Guru Member

    You can upgrade to any tomato version but simply tick the 'erase nvram settings after flash', it will prevent any conflict, later fix your settings manually from scratch.
    When you talk about connection lost... do you lost public IP in your router status gui?.

    I'll release v1.2y release this week, there are many changes... some of them need test (so... if your router is in production be careful when upgrade to 1.2y version, I have tested for 3 weeks and it's amazing but I'm using standard configuration without scripts), then, since I didn't read bugs in 1.2x (besides QoS), is there any other bug in 1.2x version?. Doing ping in your LAN doesn't affect at all.

    The Master likes this.
  2. Edrikk

    Edrikk Network Guru Member

    This is great news Victek! My E3000 (or is it me) has been itching for a flash... :)

    BTW, you mentioned miniupnpd was updated to latest in a post (that's now) long away... I didn't see it in your github... I guess changes aren't committed yet right?
  3. xhenon

    xhenon Networkin' Nut Member

    Hi guys,

    I only have a rt-n16 in production and I need a lot of time to configure it each time that change a firmware.

    Is there any way to recover the router configuration? For example, copy qos configuration, dhcp configuration... Copying config file by hand though ssh connection


    Enviado desde mi Nexus 7 mediante Tapatalk
  4. fubdap

    fubdap LI Guru Member

    Try this:

    You can find lots of interesting topics if you use the search function.
  5. Victek

    Victek Network Guru Member

    No, not committed, I've been thinking about and since I saw some releases with my github changes before I released mine I decided to keep. Changes will be in github once I release firmware version. ;) .. then are matured and tested changes.

    @xhenon ... We are thinking in a good proposal to keep configuration when you upgrade to new version doing a nvram 'delta' window and then allowing you to keep or update the existing parameters, I think this solution will solve the 'usual' question forever. The issue now is that feature needs at least 50% nvram size free (worst case) ....
    Last edited: Feb 4, 2014
    MatteoV likes this.
  6. xhenon

    xhenon Networkin' Nut Member

    I can't wait more ;-)


    Enviado desde mi Nexus 7 mediante Tapatalk
  7. xhenon

    xhenon Networkin' Nut Member

  8. Edrikk

    Edrikk Network Guru Member

    Use iMacros. Setup once, repeat forever...
  9. Flx01

    Flx01 Serious Server Member

    Sorry if this place isn't the good one for this post, but I need some help...
    My FTTH provider is using 2 vlan, 1 for data (vlan 1971) and one for TV (1989).

    I've been able to create vlan 1971 connected to wan and spoof the mac needed, and my router (E3200) is getting the proper address.
    I am however stuck at configuring the TV vlan.
    As far as I know, it must be DHCP, all the Stream are raw udp with adresses like 233.x.y.z:1234
    My understanding is that I shall add routes for these adresses, and configure igmpproxy to avoid flooding my lan.
    I tried to follow the instructions to set up my stuff according to the tuto about FTTH movistar on the RAF download page without any success...
    vlan1989 does not appear in the devices list, even if I entered the ifconfig command in the init page of the scripts in admin page.
    Vlan 3 is my 1989, I tried using both vlan3 and vlan1989 without any success.
    There is no route as well in the Advanced routing page.

    Can someone help me getting my TV to work?
    Thanks in advance,
    aztech likes this.
  10. Connor McCaffrey

    Connor McCaffrey Networkin' Nut Member

    yes and it was very annoying cause i was playing with wireless settings. constantly saving and resetting. random things would cause it to drop out for 5-10 minutes. then sometimes another reboot would trigger it to come back sooner.

    i am also experiencing bug with QOS. last night i had it all setup good. then i get on test. (QOS STILL ON) and it wasnt even working. it aloud my full down/up rate. change to SFQ. worked. changed back (the same as it was) worked. it was like over time it screwed up.... netalyzer was reporting some crazy results to at the same time. saying packets were being reordered and that i had 64kb upload. (i have this set for one client who doesnt know how to close there torrents)

    basically i keep having QOS bugs. ill change a settings. test. then once its fixed ill change back to how it was. and it will magically work again.

    also last night i had SFQ set. it was working 100% ( i did netalyzer tests and multiple speed tests full saturating upload and download while watching my icmp pings to google. if there was jitter i should have seen it here) so it was working. test an hour later. got 130ms bufferbloat on upstream.... kinda makes no sense. ill keep playing with it. i am still on shibbys because of that radio problem. i will switch over to 1.2y when its released.
  11. kyrios

    kyrios Networkin' Nut Member


    Modem connection seems broken in 1.2x
    With plenty LTE modem available worldwide, you shall consider to include it.
    Travellers may need this connection
  12. Elfew

    Elfew Network Guru Member

    QoS is maintained by Toastman, so contact him and report this issue....
  13. Connor McCaffrey

    Connor McCaffrey Networkin' Nut Member

    ok thanks. so im asuming QOS will be no different in tomato RAF?? also no one has really mentioned any differences between shibby if im not correct.
  14. Elfew

    Elfew Network Guru Member

    QoS is same in every build. Better to use BW limiter which doesnt affect throughput
  15. RonV

    RonV Network Guru Member

    Can't wait to try 1.2y, 1.2x has been very stable but I have had to keep IPv6 off due to my need for QOS. Thanks for the hard work.
  16. ilkevinli

    ilkevinli Network Guru Member

    Sounds VERY interesting !!! :D

  17. Elfew

    Elfew Network Guru Member

    Problem is with nvram space - this feature needs a lot of nvram... I think 99% of users dont need this and never use it... it is not problem configure by hand (it is not necesary to flash every new build on router which is under heavy usage with a lot of rules etc)
  18. ilkevinli

    ilkevinli Network Guru Member

    Some users, like myself, have a lot of port forward and static dhcp entries. Not everyone uses all the options available on the firmware. This will be a nice option for a lot of users.

    lmartinez7641 likes this.
  19. Elfew

    Elfew Network Guru Member

    There is a special sw for nvram diff published on forum, why dont you use it!? In my opinion there are anothers more important things to do...
  20. Connor McCaffrey

    Connor McCaffrey Networkin' Nut Member

    i also wish i didnt have to clear nvram and reset every single time i change the firmware. i have asus-wrt and merlin-wrt settings saved but on that firmware even loading my saved settings will not bring back my old static dhcp assignments and i have a lot. about 25

    still havnt setup my manually assigned clients but when i do could i

    save the config from the backup config

    and then if i ever come back to tomato shibby i can just load that up and it will work?

    or maybe i shouldnt do it unless its the exact same version? or is it likely to work with newer versions aswell.

    also will the manually assigned ip's stay? cause in merlins and asus firmware they dont.

    overall im not to worried about nvram settings having to be erased. as long as i can load up my config files after. but to have to clear nvram and manually set stuff up everytime i do a FW change can be a pain in the @ss

    figure i would just play around with everything in shibby. then when 1.2y comes out i will know how to set everything up nice and quick. save that config and im good :)
  21. Seal

    Seal Network Guru Member

    Well..Since the function discussed is considered implemented by Victek, who after all is the maintainer and developer of the firmware in question, raving against a possible "expansion" of it is at best a moot point...
    Last edited by a moderator: Feb 6, 2014
    gffmac likes this.
  22. Victek

    Victek Network Guru Member

    You're right, I'm also looking deeply at ASUS code for dual WAN ... I tested with my smartphone, it works very well and it's a very named point in the forum posts.

    To be honest, there are a lot of things that can be improved or added for Tomato.... if you have time enough.

    About 'config lite' ... since there are three main tomato versions (shibby, toasman and victek-RAF) ... and nobody of us have the same vision the nvram comparison table can be a solution I think. It's not a discussion point, just one opinion ;)
    The Master likes this.
  23. ilkevinli

    ilkevinli Network Guru Member

    I do in fact use it. That has nothing to do with the new "easier" way that is being discussed. :rolleyes:

  24. The Master

    The Master Network Guru Member

    Yeah 3 Days to Christmas...äh Victek FW Release :D....

    Thanks VICTEK for your hard work.

    PS: 48 days, 17:41:19 UPTIME N16 and no Problems
  25. RonV

    RonV Network Guru Member

    I have you beat:

    Name rtr-office-n16
    Model Asus RT-N16
    Chipset Broadcom BCM4716 chip rev 1 pkg 10
    CPU Clock 480 MHz
    CPU Load 12.22%
    CPU Load (1 / 5 / 15 mins) 0.00 /  0.00 / 0.00
    Date & Time Thu, 06 Feb 2014 19:06:03 -0600
    Uptime 119 days, 19:06:29
    Flash RAM Size 32 MB
    RAM Size / Free 124.01 MB / 110.30 MB (88.94%)
    NVRAM Size / Free 32.00 KB / 11.41 KB (35.64%)
  26. Elfew

    Elfew Network Guru Member

    Really nice uptime!

    My best was about 40days, after that reflash to new build :D
  27. mrQQ

    mrQQ LI Guru Member


    would it be possible to add a "triggered WOL" option? so for example connection to some port would trigger wake-on-lan packet to the destination pc?
  28. Victek

    Victek Network Guru Member

    It's a sane demonstration of maturity level for tomato RAF firmware, I didn't had chance to keep firmware versions longer than three weeks in my router and I appreciate your and all feedback about versions running.


    You can use one cron event for it in the schedule custom options, not? I don't realize this feature will be massive used by people and since it's a simple script I expect schedule-cron gui can accept it. Do you think?
  29. RMerlin

    RMerlin Network Guru Member

    Not easy having any decent uptime on your own router when you are a developer. But at least my customers do. Those RT-N16 are damn good routers (hardware-wise). This one tends to have guests when they are doing training sessions (client list can hit 20-30 I think).

    Elfew likes this.
  30. Victek

    Victek Network Guru Member

    Yes, awesome too!, RT-N16 and some older units (E3000-E4200) are solid hardware devices like wrt-54 series. We'll see how the new units are doing.
    Elfew likes this.
  31. mrQQ

    mrQQ LI Guru Member

    Hm, that's a good idea using scripts. But how do I "catch" the connection to port and how do I send out the packet then? I'm sorry, I know it's not you I should be asking this, so perhaps someone else could help me out on this?
  32. koitsu

    koitsu Network Guru Member

    You should not be trying to permitting WOL packets across the Internet to a machine on your LAN. This will very likely not work for a lot of reasons:

    1) There is no guarantee your NIC vendor supports this kind of operation; the criteria for the "magic packet" varies per NIC model and NIC driver implementation, ditto with settings of the NIC itself. Sometimes you can adjust these, sometimes you cannot, and I'd say 90% of the time they aren't documented by the NIC vendor.

    The only mode that is known to work reliably on most NICs is sending a spoofed Ethernet packet (hint: that's layer 2, not layer 3/4 like IP and TCP/UDP) to the Ethernet broadcast address (ff:ff:ff:ff:ff:ff) with specific payload bytes in it.

    Other NICs I've seen do not honour the spoofed packet going to the broadcast address but only to the actual MAC address of the NIC itself.

    2a) Assuming your NIC does support the UDP datagram WOL method, which uses UDP port 7 or 9 (again: varies per NIC vendor, etc.), there is no guarantee your ISP will allow this type of traffic to even reach your WAN port on your router. It's very possible they filter it out.

    2b) Furthermore, the destination address of the UDP packet can also vary (again: varies per NIC vendor, etc.). Sometimes it's supposed to be sent to the local IP network broadcast address (ex., other times it's supposed to go to the IP the machine last had, other itmes it's supposed to go to

    3) Even if it does work, it creates a potential security problem because you're now blindly forwarding all UDP port 7/9 traffic onto a machine on your LAN. If someone figures this out, they could potentially wake your PC unexpectedly (again: it depends on the NIC vendor and settings), and I'm certain anyone encountering this situation would show up on this forum complaining about "ghosts in the computer" or some other nonsense (I've seen weirder :) ).

    If you think I'm making all of this up, I will be very stern and tell you to go read Wikipedia, specifically sections Magic packet and Subnet directed broadcasts (especially the latter).

    So here are two solution that will always work for you and gives you full control over the situation:

    1) Enable SSH on your router and allow it to your WAN (possibly on an alternate TCP port if you wanted), SSH into your router from the Internet and issue the ether-wake command to the machine on your LAN you want to wake up. This could even be automated/scripted using with a simple Windows .cmd/.bat script and PuTTY (which is standalone/portable), specifically PuTTY's PLINK command (read the docs), along with a SSH key (even passwordless!),

    2) Enable Remote Admin on your router, visit http://yourwanip:8080/ (or whatever port; or possibly HTTPS if tht's offered), log in, then use Tools / WOL or if that isn't sufficient, Tools / System and issue an appropriate ether-wake command. This could also be scripted (probably not in Windows without lots of extra tools/binaries) assuming you wrote a complex shell script + curl and worked out doing the authentication and submitting HTTP form data (this is more painful than it sounds, trust me).

    If you asked me which I'd pick, it'd be #1, hands down.

    Bottom line: WOL over the Internet is not going to happen. There are secure, reliable, and better ways to achieve what you want in a very simple manner. I sound stern/angry because this topic comes up every few months and I feel like I have to repeat myself in educating people about it. The variance of the NIC behaviour is possibly the biggest problem there is, but that's the nature of the beast with WOL: every NIC model and NIC vendor seems to behave differently; what works for you won't work for some other person.
    JugsteR likes this.
  33. krum09

    krum09 Networkin' Nut Member

    Never mind about versions of the wireless I found it
    Last edited: Feb 9, 2014
  34. MatteoV

    MatteoV Networkin' Nut Member

    Hi, I had the same idea: if someone looks for my own Web server, then switch it on. So I gathered various information on the Internet and created a script doing this (you log the request in system logs through a firewall log-only rule). Since I'm not actually needing it, I modified my script to just log the possible triggered wake ups on a file accessible by Web interface, containing ips of the origin request ip, its resolution (hostname) and consequent theoric wakeups. Activating it would be just commenting out a line, so. I have been running it since some months and there are so many requests from so many shits around that I feel like it would be really useless. If your scope was waking up your machine/s when needed, I endorse the proposal of koitsu of using a secure ssh connection and doing your duties by issuing an ether-wake command. I am actually doing this using a simple Android application, ConnectBot, that automatizes the whole operations to one-click ;)
    If you need something, anyway, let me know!

    Inviato dal mio Nexus 4 utilizzando Tapatalk
  35. The Master

    The Master Network Guru Member

    Are there any Problems with the new Version... could we help with Beta Tests?!? Hoped to test it @ the Weekend ;(.

    PS: Dont rush only a Question.
  36. Elfew

    Elfew Network Guru Member

    Longer waiting time = more stable and more cherry picks...

    So do not rush and use build x
  37. The Master

    The Master Network Guru Member

    Please Read my Post again...

    "PS: Dont rush only a Question."
  38. eviltone

    eviltone Network Guru Member

    Upgraded my mom to a Tenda W1800R and immediately flashed 1.2x (the Ac66u build)...
    Flash went fine, and so did the config... no issues at all with the setup, and NO LAG on the web interface (unlike the stock firmware)
    Thanks a lot.. this is the 3rd W1800R I've done like this.
    (and before you ask why a Tenda -- $119 for the W1800R vs $199 for an Asus RT-AC66u)
    ChefJoe likes this.
  39. mrQQ

    mrQQ LI Guru Member


    you misunderstood me..

    I have WOL working fine. I can login to web admin, and send WOL packet from there. I have also enabled UDP forwarding, and it also works fine. I can wake up from internet pages made for that, and android app etc.

    I just want to "trigger" it by connection to a specific port..
  40. koitsu

    koitsu Network Guru Member

    @mrQQ -- I'm sorry to hear that none of what I wrote sunk in.

    As far as I know there is no "easy" way to implement what you want, as it would require a custom daemon be listening on a TCP or UDP port which then went and executed something like ether-wake to wake up a system on the LAN. And that's exactly what the SSH method I described would do as well.

    The SSH method I describe is the best way you could do this. Since Android is Linux, I'm fairly certain there are SSH clients that can issue single-line commands to a system, ex. ssh -i /some/private.key root@yourwanip "ether-wake aa:bb:cc:dd:ee:ff" would do exactly what you need.

    I think basically if you want something as insecure as "do something on a random inbound connection to some port number", you are probably going to have to write it yourself. :/
  41. MatteoV

    MatteoV Networkin' Nut Member

    I think you misunderstood us! OK, we got what you want to do, and I also told you I have it done already (it just did really nothing apart from logging, in my environment, for the exact problematic koitsu exposed) but that's crazy, after analysing logs, and a non sense, IMHO. The one-click solution koitsu speaks about is a lot better overall, and there are very simple ways to have it done (ie the ConnectBot app I mentioned)....
    Of course, if you want your public random client to be able to let wol happen, it is just not a solution!
    Let me know if you need the script anyway.

    Inviato dal mio Nexus 4 utilizzando Tapatalk
  42. Victek

    Victek Network Guru Member

    I'm integrating environment (architecture) of ARM and MIPS in same sources, I can release a mips version using the actual trunk but my goal is to release 9014 (14=year) version 1.0 for both platforms.
    I have problems with CFLAGS and LD ....
  43. gffmac

    gffmac Networkin' Nut Member

    Take your time Vic, release when you have it where you want it.
  44. hawkmat

    hawkmat LI Guru Member

    I found a neat way to increase 5 Ghz output power. Works best on a RT-N66U. It works somewhat on a E4200.
    Using 1.28.9013 MIPSR2-RAF-V1.2x on a Asus RT-N66U.
    Set channel to fixed lower channel 36 - 64, i'm using 44
    Set Country to Singapore
    Set Transmit power to 0 (Zero)
    All other Advanced wireless settings are default. I am using Interference Mitigation WLAN auto with Noise Reduction but you may not need it.
    InSSIDer shows signal goes from -52 dBm to -45 dBm and stays there.
    Tested Asus factory firmware with max power setting and I got a -52 dBm.
    I also find that throughput is better and more consistent.
    This does not work with the higher 5 GHz Channels (100 - 165)
    I know when you use the lower 5 GHz channels the wireless driver is suppose to lower the output power. That is not happening with these settings. Either Singapore allows more power output or there is an error in the driver that is allowing it.
    I hope this helps someone.
    Works Only with routers using the driver. Like the RT-N66U and E4200. This does not work with AC routers.
    Last edited: Feb 13, 2014
    gffmac likes this.
  45. The Master

    The Master Network Guru Member

    Take your time... Thanks for the Info...
  46. Marcel Tunks

    Marcel Tunks Networkin' Nut Member

    [quote="hawkmat, post:]
    I know when you use the lower 5 GHz channels the wireless driver is suppose to lower the output power. That is not happening with these settings. Either Singapore allows more power output or there is an error in the driver that is allowing it.
    We know that regulations set a lower maximum power for the lower band, which is intended for indoor use, but the limit is beyond the maximum power output of our little routers.

    We have no idea how the driver limits power in one band versus another because it's a closed source binary blob. I get the same or better power output on the 5GHz lower band in the E4200v1 but the same in E2500 regardless of region, but YMMV. Maybe the difference is the USB driver introduced by Shibby20.

    In the past 4 install environments for me I've found less interference in the lower band. Even if the power output were the same, lower interference would be reason enough to use the lower band.
  47. Connor McCaffrey

    Connor McCaffrey Networkin' Nut Member

    using an rt-ac66u in the middle of a 4000-5000 sq ft home with Shibby 1.28
    testing this with a 2012 macbook pro with a 3 stream BCM 4331. macbook starts sitting at 70-72dBm

    change region from US to singapore
    change tx from 100 to 0.
    save settings.

    change channel to channel 40 @ 40MHz.

    macbook drops to -78dBm instantly. i left it to sit for about 2 minutes. nothing gave.
  48. hawkmat

    hawkmat LI Guru Member

    Hi Conner!
    This does not work with the Asus RT-AC66U. I found it only works with the driver used with RT-N66U builds. The RT-AC66U uses the series 6 wireless drivers. I've tested it before and it has no effect with this router.
    I find it does work really well with the RT-N66U. I believe this is a bug in the driver that allows this to happen.
  49. Connor McCaffrey

    Connor McCaffrey Networkin' Nut Member

    thanks man. but on another note

    ok i had a bit of problem with 1.2x firmware because of the 5GHz issue when installing, but i went to Shibbys and it worked. so i have stayed there playing with it and learning tomato while i wait for 1.2y.

    i am not sure if you use the same drivers as Shibby. but wifi performance has been equal to or greater than Asus-WRT and Merlin-WRT. infact i believe it has been better.

    this is 1SS iPhone 5 on 5GHz@40MHz 150mbps max link rate. at 61-63dBm real world test sitting on coffee table in front of couch 12-15 feet from router through 2 walls.


    impressive. with other FW i could not pass 82mbit/sec in this same place.

    i wonder what speeds i would see if i go closer to the router. will test soon.

    here is my 5GHz settings. only difference was that i had frame burst enabled. i am now gonna try with it off tomorrow.


    Tomato/Shibby 1.28 ≥ Asus-WRT, Merlin-WRT

    i will continue to try and post hard data like this, as i wish more people would actually show there results rather then just talking about them. it is hard to find time to do stuff like this though. my next test will be aimed more at LAN Speed and WLAN speed. and i will be using lan speed test to do so.
  50. Retronite

    Retronite Networkin' Nut Member

    Hi All,

    I'm new to Tomato RAF and I'm enjoying what I've played with so far. I have 2 x Belkin F7D4301 v1 routers, 1 with Belkin's Original Firmware (1.00.30) and the other with Tomato RAF's 1.28.9013 MIPSR2-RAF-V1.2e K26 USB. At the moment I'm experimenting with the Tomato router and making sure that it is working to how I want it before the full switch over. Once fully switched over, I'll flash the original router to have a 2nd Tomato router and put them both as an AP + WDS to increase the wireless coverage in my house.

    I would like to know what is the default Transmit Power (mW) for the original Belkin F7D4301 v1 UK routers? I already know the default in Tomato RAF is 0 and it ranges between 0-400.

    Also will further Tomato RAF firmware versions for the Belkin F7D4301 be released? I know that the latest stable version is V1.2e and not that many people on this particular forum thread seems to have this particular router.

    Thanks in advanced
  51. Victek

    Victek Network Guru Member

    I didn't had so many request (downloads) for Belkin in my website stats, it's the reason why I don't update new firmware version for these model. The wireless power it's always related to country code in most of drivers I tested and the power gauge in the advanced section can be changed but not always is active (limited by country max power), try Singapore and 100 in the power window.

  52. Victek

    Victek Network Guru Member

    Tomato ARM for RT-AC56 wip screenshots:
    (Not all features are 100% working now...)
    Screenshot from 2014-02-26 18:33:06.png Screenshot from 2014-02-26 18:36:13.png
    szpunk, zavar, jerrm and 2 others like this.
  53. FattysGoneWild

    FattysGoneWild LI Guru Member

    This new version coming up. I have a E4200 btw. Is it still a ways out some what? I am only asking since not sure if I should put current final version on my router. Or wait till this new final version hits if its that close to being done.
  54. Victek

    Victek Network Guru Member

    You can wait if your router works fine... the new version for MIPS will include also new updates. ;) , no rush.
  55. Engineer

    Engineer Network Guru Member

    Just a heads up but the Tenda will be $79.99 at Newegg today at 6:00pm (02/28/14). I'm so tempted to get this and throw the AC66U build on it).
  56. Retronite

    Retronite Networkin' Nut Member

    That's a huge downer for those that still use the Belkin F7D4301 routers on Tomato RAF, like me! :(
    Anyway in convincing you otherwise to continue the firmware development. :rolleyes:
    Awesome, I'll give that a whirl and see if there's any improvement on my home wireless coverage with those settings. :)

    Thanks for sharing this great wireless firmware Victek. :D
  57. Victek

    Victek Network Guru Member

    ARM status ... basic options working, cpu load correct, free nvram still fails, upgrade can be done through GUI ;). Upgrade takes 15sec...and it's connected again 40 seconds later...
    CPU Clock is 1595/2 = 800MHz per core.

    Screenshot from 2014-02-28 22:55:22.png
    Last edited: Feb 28, 2014
    ilkevinli and Elfew like this.
  58. Lorenceo

    Lorenceo Networkin' Nut Member

    Makes me want to buy another router.
  59. alexlau

    alexlau LI Guru Member

    Thanks Vic for the build for AC56U, awaiting for the final release.
  60. FattysGoneWild

    FattysGoneWild LI Guru Member

    Is something wrong with the latest stable version? Not a insult or anything. Just kinda surprised you mentioned might want to stay with current stock firmware. I would think you would want as many people possible to use your firmware. Maybe I am reading to much into it. Sorry if so. Another reason why I am thinking about flashing. I don't like how Belkin/Linksys is being so slow to plug the recent major security hole found in current firmware. Another thing coming to mind.

    This new version you are working on is such a major over haul compared to latest stable version. Better off holding out until the final build comes out. My E4200 also just hit 3 years old. So, not sure how much life is left in it sadly.
  61. Victek

    Victek Network Guru Member

    Don't know what you read, but I relaxed time window between each release and keep a lot of updates for the new version. If security issue or serious bug is found in last release then I'll update immediately but luckily it's not the case till now and I use my spare time to port Tomato to other platforms (ARM & Ralink).

    Since each user seeks different features I can't cover all users and all models. Versions from other devel have other features not included in my version or opposite. Targets and usage are different I think...

    It's a good reason to use third party firmware but in my opinion is the main reason to refuse buying any device without serious support from manufacturer in the future after the killer words you wrote, I'll refuse to buy another product from the same manufacturer in my next purchase and will spread these bad experience to prevent other users ... not?

    You know since longtime that no stable versions are released in Tomato, all devels use beta suffix for their versions. I try to be conservative if no added value is inside of each new release.

    Thanks for your thoughts, good guide for other forum visitors.
    Last edited: Mar 1, 2014
    The Master likes this.
  62. The Master

    The Master Network Guru Member

    Hi Victek .... take your time at the new FW. We love your Stable ones (all of them).

    But i have one Question: how hard is it to add a other ARM CPU/ Router Model to the FW if the FW is Final. Only Modul or is it a whole new FW to Build?!

    I ask because i read about the new "Netgear R7000 Nighthawk" with a NEW CPU in it "BCM4709" 1ghz DualCore ARM. Review of the Beast :""

    It would be a shame not to have Tomato on it :D.

    MANY THANKS for the very hard Work.
  63. FattysGoneWild

    FattysGoneWild LI Guru Member

    Thanks Victek for breaking it down and answering those questions. For people with Linksys E4200 using the latest "x" beta version. Is it good and stable enough to put into production for home network? Or better to use previous version? Version 1.28.9013 V1.2v. I was going to flash to that version. But, if "x" is perfectly fine enough to use. I would like using the latest. :)
  64. Victek

    Victek Network Guru Member

    The main job is to transform the original firmware into tomato structure, add tomato specific features related to netfilter in kernel, read the router cfe and build environment to identify the model by using tomato, add and drive led's, ethernet ports, buttons..., in the ARM case all tomato is compiling the code based in a new platform, so, changing the configuration in tomato to arm cpu has been done also. I will say around 70% of tomato code (including kernel upgrade) has been changed and rebuild but from the user perspective and view you will use and see tomato as before, nothing changed in the GUI keeping the simplicity and ergonomics as before.

    The difference between a beta and final is simple, when the firmware has been tested and the devel and user agreed is running trouble free it can be marked as stable or final. When the devel is adding new features or changing code asking to be tested then it's marked as beta.

    To have tomato in another router we need to have a physical unit, it helps a lot during tests.

    Yes it's perfectly stable for production use.
    Last edited: Mar 2, 2014
  65. Elfew

    Elfew Network Guru Member

    Dont rush...just wait because without tomato you would have stock fw with bugs amd no updates...
  66. zekev

    zekev Reformed Router Member

    Hi guys, in october 2013 I installed this firmware on a Netgear wndr3700v3. I wanted to come back to the original firmware in february and messed up somewhere... I bricked my router and unbricked it with a serial cable... usb to uart that I soldered to the board... I re-installed the new original firmware but now I'm loosing my internet connection.... actually I cannot access the GUI interface and my internet connection keeps droping (I can still can ping the router but that's all).

    So I retried the dd-wrt.v24-19342_NEWD-2_K2.6_big-nv64k. but Now my 3TB usb HDD is not recognized.

    Now I want to upgrade to Tomato but can't remember how to do it. Is there a "how to" somewhere on this web site ? I tried a firmware upgrade from the dd-wrt GUI choosing the file tomato-Netgear-WNDR3700v3-1.28.RT--108-VPN.chk and did a 30/30/30 reset but it doesn't work I stuck on the dd-wrt firmware.

    I remember (I think) did something like mtd-erase -d nvram but if I telnet to my dd-wrt it says mtd-erase not found or something like that...

    Maybe I should only install this tomato firmware from the original firmware ?

    Any help would be appraciated
  67. xiaobb

    xiaobb Network Guru Member

    I recently got the tenda w1800r, loaded Victek's RT-AC66U 1.2x firmware, but I got several problems.
    1. After loading the firmware, i did the erase all nvram data. then I enable the "example" in the Access Restriction menu. I got an error say fail iptables restore, line 60. I tried this several times, as soon as I enable the example, or create a new normal access restriction with one line of http request blocking a domain like$, then I got this error.
    2. The 5Ghz LED light won't turn off, even when I disable the 5Ghz wireless, the 2.4ghz wireless LED turn off when I disable the 2.4Ghz wireless.
    I tried Shibby's latest 116 firmware for the Tenda w1800r. I got the same problem. 5Ghz LED won't turn off.
    I saw this mention in one of the thread before. I thought this was fixed. Could Victek or Shibby verify this?

    3. on 1.2x, the default SSID for 5Ghz and 2.4Ghz were reversed. But on Shibby's 116 firmware, it is good.

    4. on 1.2x firmware, i did several speedtest, i noticed that the ping time was at 80+ms. But if I use the asus rt-n16, my ping time was at 10ms. I tried it with everything default by doing the erase all nvram, and I did the test. it constantly at 80+ms. THe tenda supposed to be faster so I would expect it to be lower ping time or at lease the same as the rt-n16.

    Thanks all for looking
    Last edited: Mar 9, 2014
  68. Ignas

    Ignas Addicted to LI Member


    Is there a way to mount partition as a /media subdirectory? Any way to work around that read-only root?

  69. leandroong

    leandroong LI Guru Member

    I believe your using padavan fw like me. This is equivalent to /mnt in tomato. The label of usb harddisk plugin will appear in /media. In my case, my harddisk is formatted into 2 partitions, namely, swap and optware. In optware in where I have many folders, one of them is "opt" use for entware optware installation. Mounting of optware is automatic, under USB application->Allow run optware? just check it. Unplug usb harddisk and re-insert, when few minutes, entware is being created.
  70. leandroong

    leandroong LI Guru Member

    wrong post... deleted
  71. roadkill

    roadkill Super Moderator Staff Member Member

    Is there any specific reason why it should be /media? What are you trying to do?

    Sent from my iPhone using Tapatalk
  72. wizziwig

    wizziwig Reformed Router Member

    I also recently got the Tenda w1800r but still running the stock original 2.0 firmware. Can you downgrade back to the original firmware to compare performance to Tomato?

    I'm afraid to try Tomato myself because I have not found any information if it's possible to downgrade if I don't like it.
  73. zekev

    zekev Reformed Router Member

    Hi !

    To make a long story short, I have a Netgear wndr3700v3 it was running with tomato RAF 1.28.9013 stable for 3 months. But after that my internet connection was always dropping !!!

    I wanted to restore it to the factory default (netgear) but I messed up somewhere. I bricked it. Unbricked it with a serial cable. Re-install the netgear firmware but still internet connection was dropping.

    I retried dd-wrt but no luck still dropping.

    I telnet to the dd-wrt and did : mtd erase linux...

    After I rebooted and used tftp2.exe to flash shibby's firmware tomato-Netgear-WNDR3700v3-1.28.RT--108-VPN.chk

    In the shibby's firmware, I used the GUI to upgrade to tomato-WNDR3700v3-1.28.9013MIPSR2-RAF-V1.2f2.trx (I checked the erase nvram option).

    After that... no wired connection was possible, I did try a 30/30/30 reset but no luck

    No the only way to acces the web gui is by wifi ?!?!?!

    My last flash worked I can see under "About" (in the GUI) saying Tomato RAF Firmware v1.28.9013MIPSR2-RAF-V1.2f2 K26 USB

    Any clues why the wired connection are not working ?

    Or any clues on how to recover from this without having to re-solder my serial cable to my router !

    Thanks for any help !
  74. Ignas

    Ignas Addicted to LI Member

    Sorry, but that's not the case. Thanks anyway!

    I have some stuff like scripts, config/state files which depends on path /media/blahblah. I would like to reuse them without any modifications.

    If there aren't any work-arounds, I might try to build myself a custom image.
  75. koitsu

    koitsu Network Guru Member

    Your "scripts/config/state files" are written for something that is not TomatoUSB-compliant then. You cannot mkdir /media because / is read-only due to it being on squashfs. This is not going to change. Period. The directories you have available to you in the root filesystem are all you have available to you; this is why under TomatoUSB, things like USB flash drives are mounted under /tmp/mnt (because /tmp is RAM).

    My gut feeling is that it was you who imposed the /media mountpoint yourself (meaning you're the one who decided "I want to use /media" (probably on some other firmware, OS, distribution, whatever)), and are in turn expecting other environments with different limitations/designs to cater to your decisions -- sorry, it doesn't work like that, you've got it backwards.

    So no, you're not going to be able to re-use them without modifications. They must be modified. If all of these things are truly configurable (shell scripts, etc.) then supporting both environments (wherever you use these scripts that rely on /media, and TomatoUSB) is completely doable -- by you. :)
  76. Ignas

    Ignas Addicted to LI Member

    Yes, use of /media was my decision made long time ago. And yes, those files were used in other devices with linux based OS'es. And I'm not asking Tomato to change its design or anything. I just hoped that I've missed something and there was relatively easy solution. :)

    Thanks everyone for your time. And thanks Victek for your efforts put into TomatoRAF! I'm having 120+ days uptime on WNR3500Lv2 with 1.2u which is nice to see. Though I'm not stressing it too much, ~8 clients and ~3TB monthly WAN traffic.
  77. alexlau

    alexlau LI Guru Member

    Hi Victek, I'm wondering whether the the VPN server setup for the new Tomato for AC56U has the option of setting up VPN using Username/Password based authentication.

    I noticed in RMerlin's modified firmware such options is available, which provides an easier method for unexperienced users to setup their VPN server.

    Thank you! Sincerely looking forward for the release of new ARM based firmware!
  78. leandroong

    leandroong LI Guru Member

    for tomato FW, why not use /jffs? You can create folder partition to current partition like jffs and store all your config there. You just need to modify init script to mount that jffs folder to /jffs.
    mount -o bind /tmp/mnt/optware/jffs /jffs
  79. zekev

    zekev Reformed Router Member

    I will answer to myself in case it may help someone else.

    Thanks to arrmo mod (tomato-K26USB-NVRAM64K-1.28.0058MIPSR2-RMo-WNDR-WNDR3700v3.chk) firmware to shibby/victek firmware for the wndr3700v3.

    Even though it's not really safe to upgrade a firmware over wifi, I did it since all my wired port were KO.

    Now with this firmware all seems to work fine. Time will tell...
  80. Victek

    Victek Network Guru Member

    RT-AC56 status up to today, almost all modules functional, vlan is working (finally), still a lot of modules porting to ARM .... but very happy with the performance till now. We are upgrading nginx, php to latest versions, all changes will revert also in mips routers of course.


    Screenshot from 2014-03-17 00:21:49.png
    Last edited: Mar 16, 2014
    zapoqx, ilkevinli, Elfew and 4 others like this.
  81. Huey

    Huey Addicted to LI Member

  82. mpegmaster

    mpegmaster Addicted to LI Member

    Bravo indeed... hip hip hooray :cool:
  83. FattysGoneWild

    FattysGoneWild LI Guru Member

    Okay well this is a new one. I thought the router was going to crash. Trying to log in and was seeing 99% cpu usage. Extremely slow to log in. Going to attach picture. I seen it going from 57, 62, spiking to 99%. I don't know what would cause it? I was only downloading a new game for the PS4. Infamous Second Son. 100mb/5mb cable internet connection. Capture.JPG
  84. dc361

    dc361 Network Guru Member

    When the router is seeing high usage are you able to SSH or Telnet into the box to identify which processes are consuming all those resources? (If so, you could post the output of "ps" to the forum) If you are not comfortable with telnet/ssh, you can enter the command (without quotes) "top -n1" into TOOLS -> SYSTEM -> EXECUTE SYSTEM COMMANDS and then press EXECUTE (Be very careful to use the -n1 switch on top to force it to only display 1 iteration.) You could then post a screenshot from this output.
  85. FattysGoneWild

    FattysGoneWild LI Guru Member

    No idea how to do what you said. The second part sounds really dangerous? I don't want to brick this thing! Thanks for the reply and assist. Have any others seen this? Since its a beta. Has Victek been able to duplicate it? I also notice. When logging in sometimes doing nothing. Cpu usage spikes to 70-82% when logging in and then goes back down to normal. TBH. I never even would have known this was happening. If I did not decide to log in while it was downloading that game.

    It was 22gb. If no one has seen this yet or before. If they never logged in while using a very fast connection and quickly downloading a massive file. It might not have been seen until now as well? Just speculation. I really really hope someone else or others can duplicate this. As I feel uncomfortable trying to troubleshoot technically unless it is super duper simple and no risk of messing any thing up.
  86. dc361

    dc361 Network Guru Member

    The top command would never brick your router -- although if you don't tell it to run for a specific number of cycles (the -n part) it would run in the background until the next time you reset your router.

    I am running RAV V1.2x on an E4200 with an 80/8mb/s connection and have never seen the cpu spike that high.

  87. FattysGoneWild

    FattysGoneWild LI Guru Member

    These help at all? Probably not and unrelated. Thought I would post any ways. Never know.

    Capture.JPG Capture2.JPG
  88. Victek

    Victek Network Guru Member

    Yes, it's the expected behaviour when the sirq (Software Interrupt Request) is not handled correctly due to propietary drivers from manufacturer.
    The GUI is not responding but the router works normaly even at these higher CPU stress. It's first one issue due to a non optimized driver for the unit (we use what we can...) and a limited CPU power.
    With (Speedtest version) Tomato RAF you can download with low CPU sirq (less than 40% at 100Mbps) but then other functions (QoS) are broken.

    With actual ARM routers (RT-AC56/RT-AC68) models the CPU load at 700Mbps downloading it's between 60-75% with iperf test ...
  89. FattysGoneWild

    FattysGoneWild LI Guru Member

    Thanks for the direct reply and explanation Victek. That is interesting. When this happens. How does one know if they are saturating their connection if it can do this with just a single download?
  90. kIssGlaY

    kIssGlaY Networkin' Nut Member

    Meantime with AC68, enabling "IPV6 V6in4 + PPPoE WAN + CTF" will result in router hang running Tomato-Arm, while with official firmware or Merlin's, router rebooting infinitely.

    If IPV6 v6in4 tunnel is a must have, one can only run the router without CTF, and in this case, 100Mbps will cause AC68 occupy roughly 35% cpu time, which means it at most could handle approx 300Mbps.
    Last edited: Mar 22, 2014
  91. Victek

    Victek Network Guru Member

    The sirq load is not proportional to speed rate.. anyway, the CPU is more powerfull, unfortunately the work is not shared by two cores and the rate you see (35%) corresponds only to one core... while the other core is iddle (one thread).... If you open another download you will see that CPU Load is not increasing and then the second core is doing the job ... we did some progress but still is a beta version, step by step ...
    About CTF, we're again in conflict with propietary drivers and tomato platform have conflicts with extended features, again, wip.
  92. kIssGlaY

    kIssGlaY Networkin' Nut Member

    Thx victek for detailed explain.
    35% is what I see from htop averaged from 2 cores, as you say, the 2nd core is idle, while 1st core peeking at 70% at most.

    About "CTF + PPPoE + V6in4 Tunnel", I've got reply from ASUS and they said they will fix this issue in next release, maybe a new ctf.ko solving this issue.

    I ran a dedicated speed test, and unfortunately, with 100Mbps, htop showing over 40% usage(see attachment) with one core over 80% and another idle running shibby's test build.

    Attached Files:

    Last edited: Mar 23, 2014
  93. Victek

    Victek Network Guru Member

    Yes, tomato and as far I know all router firmware are mono thread, dual core do not improve it..but if you run another task (vpn) then the second core wake up and the overall performance raises up.

    CTF is hardware dependand but also netfilter mapped, any small change done in ipfilter have a big influence on it..

    Shibby build and Tomato RAF ARM sources (kernel) are nearly the same, only added features and modules update (miniupnpd 1.8, nginx, libnfnetlink, php, dnsmasq...) differs both builds but roots are the same.
  94. kIssGlaY

    kIssGlaY Networkin' Nut Member

    Tested with Merlin's build (maybe same goes to OFW), and the CPU usage is slightly worse compared to you guys' WIP Tomato-Arm, almost same settings and with CTF off, no QoS. (BTW I've turn off anything like DLNA except the bandwidth monitor, so there is maybe little overhead and when no transmission, cpu is almost 0%)
    Second core seemed kicking in, but 1st core consume even higher cycle compared to Tomato whose 2nd core was idle. Maybe it's because some modules like 24/daily/month bandwidth monitor in shibby's build didn't function.

    Attached Files:

    Last edited: Mar 23, 2014
  95. Victek

    Victek Network Guru Member

    We're using same sources...the services started by the second core are not related to the conntrack I think, you can see in the top command by differentation of :0 or :1 for each service.
    Thanks for your findings and reports.
  96. kIssGlaY

    kIssGlaY Networkin' Nut Member

    You are welcome and thank you for you guys great work.
    When I enable "per IP traffic monitoring" in Merlin's build, it push CPU usage even higher, no touch in other settings.
    Tomato got that function too, but seems to have tiny impact on CPU.

    BTW, in shibby's build Bandwidth monitor and IP traffic only works on realtime, but all others 24hrs/daily/mouth stats. are not working so far, plus QoS seems not working too(tested under a version compiled about 1 week earlier). It's still under development by you guys, isn't it?

    Attached Files:

  97. Victek

    Victek Network Guru Member

    Correct, there are many functions not working yet, it's a Beta version, also miniupnpd is not working, BW limiter, the transfer in FTP are slow, we are changing the secure communications section (VPN, PPtPx) completely by a new solution... we are working on it.
  98. kIssGlaY

    kIssGlaY Networkin' Nut Member

    Appreciate it and good luck.
  99. RMerlin

    RMerlin Network Guru Member

    ipt_account is broken under 2.6.36. I fixed it a few months ago, not sure if Tomato updated their version of that module to my code. Otherwise, IPTraffic will not work properly on ARM.

    For miniupnpd there were a few minor changes required for ARM. I think the getifaddr() function used by the uclibc version on ARM is broken, so you have to provide your own replacement function for it.
  100. Edrikk

    Edrikk Network Guru Member

    Hi Victek,

    I know you mentioned your intentions on a post which is now far back in this thread, but given your post above, and the number of code refactors which I'm sure you've backported to Broadcom branch, would it not be worthwhile to release a beta for Broadcom to ensure that there are no major regressions there?

    I don't think this would steal your thunder, as you have mentioned the cosmetics are all the same, and might save some headaches for later... Just thinking out-loud..
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice