WRT54G V2 Tofu=better performance?

Discussion in 'HyperWRT Firmware' started by bluefiberoptics, Dec 14, 2005.

  1. bluefiberoptics

    bluefiberoptics Network Guru Member

    I am somewhat confused between HyperWRT and Tofu. Do I need to have the HyperWRT firmware already installed before installing Tofu?

    I am running the Firmware Version : v4.20.7

    If I move to Tofu, would that increase performance at all? I'm looking for performance improvements, not really 100000 features. So let me know if this is a firmware for that.
  2. NateHoy

    NateHoy Network Guru Member

    HyperWRT is a codebase that was written some time ago, based on an older release of the Linksys firmware.

    HyperWRT Tofu (for the WRT54G) and HyperWRT Thibor (for the WRT54GS, WRT54G V4, WRT54GL, and some older WRT54G models) are both newer iterations of HyperWRT based on a newer Linksys codebase, with new fixes and features.

    You'll need Tofu, with your V2. See http://tofu.polarcloud.com/ for a direct download of Tofu 11, which is the latest release.

    You WILL probably get better-working QoS and UPnP, which are both iffy in the native firmware in my experience, and you'll also get the stability increases from more frequent cleanup of old connections, making the router useful for BitTorrent and other connection-intense applications.

    I don't know how much raw speed increase you'll see, especially on pure Internet usage. But once you start seeing the extra useful features, like static DHCP, better connection cleanup, etc, you might decide you like it anyway. ;)
  3. pharma

    pharma Network Guru Member

    Tofu 11 includes Official Linksys 4.30.1 (GL) code base + HyperWRT 2.1b1 changes + Tofu 11 changes/fixes. The HyperWRT changes/fixes are already incorporated.

    Depending on what you do you should see some improvement (internet access should be faster). Best way is to change the firmware and keep on for a few days. If you don't see any improvement, you can always switch back to what you originally had on the router.

  4. bluefiberoptics

    bluefiberoptics Network Guru Member

    Thank you very much for your response. I have one more question.

    echo 4096 > /proc/sys/net/ipv4/ip_conntrack_max
    echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
    echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
    echo 512 > /proc/sys/net/ipv4/neigh/default/gc_thresh1
    echo 2048 > /proc/sys/net/ipv4/neigh/default/gc_thresh2
    echo 4096 > /proc/sys/net/ipv4/neigh/default/gc_thresh3
    echo "600 1800 120 60 120 120 10 60 30 120" > /proc/sys/net/ipv4/ip_conntrack_tcp_timeouts
    Is that useful for Bit Torrent? Because I bit Torrent almost 24/7
  5. NateHoy

    NateHoy Network Guru Member

    The latest Tofu already has the most important fix, the 5 day timeout problem for connections, in place.

    The rest of the script? Well, it changes a bunch of stuff, expands out available ports, etc. I've found, personally, that running the following script seems to help a bit...

    echo "600 1800 120 60 120 120 10 60 30 120" > /proc/sys/net/ipv4/ip_conntrack_tcp_timeouts

    The reason? Tofu's default for connection cleanup is something like 600, or about 10 minutes. The Linksys default is 5 days. The script above sets it at 1800, or 30 minutes. I've found that 1/2 hour works much better for me than 10 minutes.

    The other settings don't seem to make much of a difference to me, and actually seem to slow things down, probably because the router is trying to keep too many ports open for my poor old DOCSIS 1.0 modem.

    Net answer? start with NO startup script, and see how that goes. Tofu's a sharp guy, and has some good stuff going on in there. Then, you can play with settings until you find one that optimizes your setup for you. Because I'm slowly learning that there is no one right answer for everyone.
  6. bluefiberoptics

    bluefiberoptics Network Guru Member

    Thanks everyone for your help. I took the plunge and upgrade to Tofu. I had a problem, but it seems my topic "tofu problem" was deleted without reason..?

    Firefox would give me an error page when I tried to save settings in the router config page. But IE would work just fine. huh..
  7. pharma

    pharma Network Guru Member

    Glad it worked out .... :clap:

    I think there is an issue with FoxFire and saving the config using the router. I recall one other post where they had an issue, but later used IE w/o any problems.

  8. bluefiberoptics

    bluefiberoptics Network Guru Member

    After a day of using Tofu, I am noticing web surfing is very slow when I'm using Bit Torrent. It would not be as sluggish using the Linksys firmware. Mmm... And my upload is capped to 60% of my upload in my Bit Torrent client.
  9. NateHoy

    NateHoy Network Guru Member

    Hmm. How do you have things configured? How many connections do you have open? Using QoS? How's that set up?

    I've noticed a slowdown over the last couple of days, myself, but only when I have both BitTorrent and my Vonage VoIP line running at the same time. Vonage is set up as the only premium service, though, and it does run like a champ even though everything else slows down. I think I'm just simply running out of bandwidth.
  10. bluefiberoptics

    bluefiberoptics Network Guru Member

    Hmm.. I'm running Windows XP SP2 with the Raw socket patch so that I can have a max of 50 half-open connections. I have uTorrent set to use 40 half-open connections. I am not running any QoS stuff.

    If you have any suggestions, I'd be willing to try them. :)
  11. NateHoy

    NateHoy Network Guru Member

    Well, first, go into your WRT54G and make sure that QoS really is turned off, if you have no interest in it. You don't want the router trying to shape your data if you don't care about it being shaped.

    By 40 "half open" connections, I assume you mean simultaneous connection attempts, and not actual connection limits? 40 at a time is a big number there. I generally keep that under 10, only because a connection attempt in Torrent is, in my experience, a relatively intensive operation. In Azeureus, these are called "simultaneous outbound connection attempts", if I recall, and if we're talking about the same thing.

    It is possible that the Tofu firmware is allowing more connection attempts, where the native stuff just couldn't, and you are saturating more of your bandwidth just trying to connect. Tune that number back a bit for starters.

    You may also want to look into QoS. Just turn it on, turn on the "optimize gaming apps", and set your Torrent ports to LOW as custom services. That may help out somewhat.
  12. bluefiberoptics

    bluefiberoptics Network Guru Member

    QoS is off for sure, but I will give that Optimize gaming app stuff a try. As for half-open connections, please see this to make sure we are talking about the same thing. http://www.lvllord.de/?lang=en&url=tools

    Thank you for your replies. :)
  13. NateHoy

    NateHoy Network Guru Member

    Interesting. I thnk I applied something like that on my BitTorrent machine a while back, but I don't remember it making a huge difference until I turned up BitTorrent's actual connection attempts, at which point it started impacting the rest of my machine's performance with all the overhead.

    However, you might want to start experimenting with different values in the parameters of the startup script, if you think it might be port-connection-related.

    Look around for discussions on the "BitTorrent startup script". Somewhere around here, several people (myself included) have described what each variable does. You can play with things like max connections and cleanup intervals. I'd also turn down the max simultaneous connection attempts in uTorrent, etc.

    I don't know, though, for sure what your problem is. It is odd that the stock firmware did fine (though I assume it crashed on you after some time, as Linksys WRT54G/S/L stock firmware invariably does due to the Linksys defaults). So stable and slower > faster and crashy. But Tofu should NOT be slower, at least it's not for me.

    I know that my connection slowed down using Vonage and BitTorrent both WIDE open all the time, only after I turned on QoS. But that was to be expected, since Vonage got A#1 top priority and my web surfing fought with BitTorrent for the remaining scraps. Adjusting my max upload to 95% of actual upload cleared that up almost instantly for me.

    ALL of the adjustment fiddling is very connection dependent. If you can do some checking using the speed test tools at the following sites, they might tell you in more detail why you have a speed issue, and that will lead you toward what you need to twiddle with:

    www.dslreports.org/tools (good speed test and TCP/IP optimization hints).

    www.testyourvoip.com (excellent source for someone considering VoIP, but it also gives some really good line quality tests, showing packet loss, retries, jitter, etc).
  14. bluefiberoptics

    bluefiberoptics Network Guru Member

    I've looked into it, and I think I found the problem. On my computer and another computer in the house have Firefox with "Fasterfox" installed. FasterFox increases the number of connections Firefox makes with servers. So I think that is what was slowing me down. I adjusted it and it seems to be doing ok for now. :)
  15. NateHoy

    NateHoy Network Guru Member

    How many connections is Fasterfox opening? I haven't loaded it, but I went into Firefox's "about:config" page and made some increases to the number of simultaneous connections, and that actually increased my browsing speeds. But Fasterfox may have overdone it, a bit, or maybe I just have my connections tuned a little differently.

    Either way, I'm glad things improved.
  16. flexy

    flexy Network Guru Member

    tofu, or anyone who knows:

    I am using dd-wrt (12/16) right now and toying with the idea (again) to check out tofu 11.

    dd-wrt also included a "fix" for the 5 days ESTABLISHED (!) tcp connections and set it from 5 days to like a few minutes.....problem is if a ESTABLISHED connection is only up for a few minutes it will CUT off.

    Eg. FTP needs a *consistent* established connection and NOT one which cuts out after, say, 30 mins. It's a bad idea to implement a patch which cuts off an established connection after a short time.

    I wrote about that on the dd-wrt bug-tracker already.

    My QUESTION is what fix did YOU use in tofu.

    The (NOT working) fix in dd-wrt is that they changed the setting /value in


    Does tofu manipulate this particular one too ?

    As said do NOT write a value like 1800 or something in THERE....just try a ftp transfer and then see what happens after 1800 secs with the established connection.

    Tofu, Is there some more info what you did there so i can check before i re-flash my router ?
  17. Thibor

    Thibor Super Moderator Staff Member Member

    with regard to the ESTABLISHED connection table, that is only applied to stale connections and not connections with active data transfers. it is set to 10 minutes by default in My firmware and i have no issues with connections being disconnected when they shouldn't be. i think Tofu's set his to 4 hours but the principle is the same, plus in the GUI you have the option to change this timeout period
  18. flexy

    flexy Network Guru Member

    # cat /proc/net/ip_conntrack | grep dport=21
    tcp 6 14394 ESTABLISHED src= dst=204.127.xx.xx sport=3771 dpo
    rt=21 src=204.127.xx.xx dst=24.14.xx.xx sport=21 dport=3771 [ASSURED] use=2

    yes it's set to 4 hrs (14400)....but still it would cut off all connections after 4 hrs.

    the problem is this MIGHT work with certain protocols (bitorrent ??? dont know how bt acts when a connection drops...but certainly not with some others and for sure NOT with ftp.

    *** So...what if you have a ftp going which takes longer than 4 hrs ? We WILL have problems !

    Btw. in the gui i dont see the option to change this (at least not in tofu 11)...and in tofu 11 we also dont have a /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established

    this issue really starts to weird me out.

    I think it's a BETTER solution to leave this value at the default of 5 days and just limit the hashtable max conntrack size to 2048 or so.

    as is my understanding (and regarding linux this is NOT much :) when the conntrack table fills up it gets cleaned *automatically*...at least all connections which are not establihed/assured. (Think i read that in the iptables doc which i REALLY need to read more some time).

    SO...this looks like this SHOULD actually not be a problem because the ip_conntrack table is basically self-cleaning (from my understanding).

    Problem is ONLY when people with not enough ram (like on a router !) just have too many entries there like 8192 and THEN it craps out their connection and eats their ram.

    MAYBE the better solution is really just set the ip_conntrack_max to something lower like 2048 (which is it in tofu 11 anyway) instead of forcing low-values to estabslished (and assured !!!) tcp connections
  19. NateHoy

    NateHoy Network Guru Member

    To override the "timeout", simply put the following line in your startup script:

    echo "600 1800 120 60 120 120 10 60 30 120" > /proc/sys/net/ipv4/ip_conntrack_tcp_timeouts

    Then restart, or paste the line into a command line.

    Replacing the "1800" with the amount of time, in seconds, between cleanups of what the router thinks is "idle" connections. And, of course, you can change any of the other parameters to suit your taste or needs. And, yes, you are correct - this is the timeout value for "ESTABLISHED" connections. Here are the values, in order:


    This startup script is the "standard P2P fix" for the Linksys routers. By default, the Linksys timeout on unused "active" connections is 5 days. P2P makes many such connections, since remote clients have a habit of dropping off the face of the earth without clean warning, several dozen times in the average minute. But if a connection is still declared as "active" if it's less than 5 days old, then there's nothing to be done - the connection pool overruns and there's "no room at the inn". So the "standard" P2P patch says that any connection that hasn't seen activity in 1/2 hour (or whatever you set) is considered idle and is subject to cleanup.

    But you can specify any time period you want, even changing it back to the Linksys default of 5 days (432000), if you really want to maintain idle connections for 5 days. In a non-P2P environment, you simply won't have enough idled connections to make it an issue.

    Now, as to another fix, well, this is the most commonly used one. However, I will volunteer to be a guinea pig for any other fixes you think might work better. Since folks like Thibor and Tofu, who write these firmwares, are making the changes, I tend to think there are few ill effects to them. Personally, I leave Instant Messenger and VPN connections running on my machine 24/7 for weeks at a time, and I have yet to encounter an unexpected connection drop.

    My ISP times out my FTP connection after a few minutes if it's idle, so I can't speak to maintaining an FTP connection for hours, but all of my other continuous connections seem to be holding up just fine - telnet over VPN, SameTime, AOLIM, Yahoo! IM, Vonage VoIP, Gizmo VoIP/SIP, Skype VoIP/SIP, Google IM, ICQ IM, and I know I've had active connections to my ISP's FTP server for more than 1/2 hour as long as I'm using it, including a few large transfers that took more than 1/2 hour. As long as something is getting sent every now and then, it appears to work fine. Maybe I'll try turning on keepalives in my FTP client and see how long it can go...

    However, with the startup script and a restart, you can configure the settings to anything you need to support your particular connection.
  20. sterix

    sterix Network Guru Member

    Pharma :
    This is a late question on your clarifications about whether hyperwrt needs to be installed first before installing tofu 11. You mentioned that tofu 11 already includes all the hyperwrt codebase and latest fixes. I infer that hyperwrt doesn't need to be installed before Tofu 11 is flashed into wrt54g.

    You also said that after a few days, you can revert back to the original firmware. How would you do that ? If my present fw is linksys 3.03, where can I download this fw ? The latest available from linksys website is 4.20.7 .. Thanks.
  21. ofbarea

    ofbarea Network Guru Member

  22. NateHoy

    NateHoy Network Guru Member

    You are correct. Tofu 11 is a complete firmware. From the Linksys firmware, you do a factory reset, then use the GUI or TFTP client to do a simple upgrade to Tofu 11. In my case, I didn't even do the factory reset, which was probably dangerous but worked fine. I simply did a standard GUI firmware update, then when it said "update complete" I waited a couple of minutes and restarted the router.

    Worst case, if you have trouble, you can load DD-Wrt Mini and load Tofu 11 from there, but that was not necesssary in my case with Tofu. It is generally necessary with Thibor, because (deleted - see edit below).

    EDIT: I was incorrect as to why you needed DD-Wrt Mini to load Thibor. The Man himself has provided an explanation, below, so I'm blowing away my wild-ass guess so it doesn't cause confusion. ;)

    As to reverting back, there are three methods, in increasing order of both complexity and chances of success:

    1 (simplest, dunno if it'll work). Factory reset (probably an erase nvram; reboot cycle would be a good idea), then use the GUI firmware update in Tofu to load the factory firmware, then factory reset and put your settings in.

    2. TFTP the native firmware into the unit using the Linksys-supplied TFTP client.

    3. Load any of the recent DD-WRT Mini firmwares, clear NVRAM, reset factory, then load the native firmware using that.

    It may be necessary to use #3, only because the memory in the units is limited enough that you may not be able to fit Tofu and the native firmware in memory at the same time, which is necessary during the firmware update process. DD-WRT Mini is tiny and serves as a common "bootstrap" firmware to load bigger firmwares in.
  23. DallasFlier

    DallasFlier Network Guru Member

    That makes perfect sense, but I think there's something else at work here. You can go (and I have) from Tofu 5-6-8-10 without ever having to use the DD-WRT mini in-between, and I think the GS folks can do the same thing with the various releases of Thibor. Even those are related, you still need both versions in memory at once.

    It seems that the only time the DD-WRT mini is needed for some reason, is when you switch from one firmware family to another, and not always then either. I've wondered why that's the case, haven't really seen any good explanation of it yet.
  24. Thibor

    Thibor Super Moderator Staff Member Member

    it's because the code pattern of G and GS firmwares are different and the security in v4.x firmwares are beefed up to prevent cross-flashing. DD-wrt uses v3.x code patterns that didn't have the added security so from there you can change to either g or gs firmwares, whichever floats your boat
    EDIT** the GS code is larger because of Artemis(Parental Control), the speedbooster code doesn't really alter the size(a few KB, that's all)
  25. DallasFlier

    DallasFlier Network Guru Member

    Thanks, Carl - appreciate that explanation! And also thanks for all your work on the firmware.

  26. Thibor

    Thibor Super Moderator Staff Member Member

    you're very welcome :)
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice