This page contains some work I've done to enhance the open-source Linux router firmware Tomato, which is available at http://www.polarcloud.com/tomato.
This mod enhances the Tomato firmware to gain higher performance from the router. These are some of the changes that I've made:
1. Patched ip_conntrack to increase the NAT hash table size and optimized conntrack hash bucket selection by replacing the modulo operation with a bitwise AND.
2. Increased the IP route cache hashtable to speed up routing when there are many connections (>4000).
3. Added fixes for network hash exploits in Linux 2.4.20 (SpeedMod 110).
4. Patched ip_conntrack_core to Linux 2.4.29 (SpeedMod 112).
5. Replaced Jenkins' lookup2 hash with lookup3, which is faster. This should improve overall speed (SpeedMod 119).
With these changes, these little routers should be able to handle thousands of connections and still remain responsive. I've been in contact with Jon (author of the Tomato firmware) and he may integrate some or all of these changes into the stock firmware in the future.
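Why items 1, 3 and 5 in the list above belong together, as an added example (not code from the SpeedMod patches): a bitwise-AND mask keeps only the low bits of the hash, so an unkeyed, poorly mixed hash can put every flow into one bucket, while a seeded hash run through lookup3's final() mixing step spreads the same flows out. The weak hash, the 16384-bucket table size, the seeding scheme, the seed value and the addresses are assumptions constructed for illustration, not the kernel's actual values.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUCKETS 16384u   /* assumed table size; must be a power of two */
#define ROT(x, k) (((x) << (k)) | ((x) >> (32 - (k))))

/* Bucket selection by mask: equals h % BUCKETS only for power-of-two sizes. */
static uint32_t bucket(uint32_t h) { return h & (BUCKETS - 1); }

/* Constructed weak hash: unkeyed XOR fold, no mixing between bit positions. */
static uint32_t weak_hash(uint32_t src, uint32_t dst, uint32_t ports) { return src ^ dst ^ ports; }

/* Seeded hash of three words using the final() mixing step from lookup3.
 * Adding the seed to every word is a simplification made for this example. */
static uint32_t mixed_hash(uint32_t a, uint32_t b, uint32_t c, uint32_t seed)
{
    a += seed; b += seed; c += seed;
    c ^= b; c -= ROT(b, 14);
    a ^= c; a -= ROT(c, 11);
    b ^= a; b -= ROT(a, 25);
    c ^= b; c -= ROT(b, 16);
    a ^= c; a -= ROT(c, 4);
    b ^= a; b -= ROT(a, 14);
    c ^= b; c -= ROT(b, 24);
    return c;
}

/* Longest bucket chain after inserting n flows that differ only in source port. */
static unsigned longest_chain(int use_mixed, unsigned n, uint32_t seed)
{
    static uint16_t count[BUCKETS];
    const uint32_t src = 0xC0A80164u, dst = 0xC6336407u;  /* constructed addresses */
    unsigned max = 0;
    memset(count, 0, sizeof count);
    for (unsigned i = 0; i < n; i++) {
        /* source port in the high 16 bits, destination port 80 in the low 16 */
        uint32_t ports = ((uint32_t)(1024 + i) << 16) | 80;
        uint32_t h = use_mixed ? mixed_hash(src, dst, ports, seed)
                               : weak_hash(src, dst, ports);
        unsigned c = ++count[bucket(h)];
        if (c > max) max = c;
    }
    return max;
}

int main(void)
{
    printf("weak: %u  mixed: %u\n", longest_chain(0, 4096, 0), longest_chain(1, 4096, 0x5eed1234u));
    return 0;
}
```

With the weak hash every one of the 4096 flows lands in the same bucket, so each lookup walks a 4096-entry list; with the seeded, mixed hash the longest chain stays in single digits.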
NEW "BETA" QoS features in SpeedMod 120
WARNING: Advanced users only!
1. Implemented the TC-ATM patch. This enables QoS to work accurately for ADSL users.
2. Enhanced the SFQ qdisc: Changed the SFQ hash to use Jenkins' lookup3 hash and increased the hash bucket size from 1K to 16K, which will result in fewer collisions.
3. Turned off HTB hysteresis for more accurate traffic shaping.
The ATM calculations are not enabled by the QoS GUI in Tomato. You need to manually configure tc using a firewall script. You also need to use the correct overhead amount for your type of ADSL connection.
TC-ATM details at http://ace-host.stuart.id.au/russell/files/tc/tc-atm/.
Note: I did NOT implement the "nohyst" option in the tc command line because I already disabled HTB hysteresis in the source code.
From the table given on Russell Stuart's website, assuming my overheads are 32 for outbound and 32 for inbound, an example line in the tc command for my outbound interface is:
tc class change dev ppp0 classid 1:10 htb prio 1 rate 800kbit ceil 800kbit overhead 32 atm
And for inbound IMQ:
tc class add dev imq0 parent 1:1 classid 1:10 htb prio 1 rate 10000kbit ceil 10000kbit overhead 32 atm
For fellow firmware hackers, here is the source code for the TC ATM patches.
DOWNLOADS (Updated 30-Jul-10) Tomato 1.28 + SpeedMod 120:
Click HERE to download SpeedMod-patched Tomato 1.28 firmware for:
- Buffalo WHR-HP-G54 / WHR-G54S
- Linksys WRT54GL / WRT54G v1-v4
- Linksys WRT54GS v1-v3
- Linksys WRT54GS v4
- Linksys WRTSL54GS
- Motorola WR850G
- Buffalo WHR-G125 and Asus WL-520GU
- Linksys WRT54GL / WRT54G v4 / WRT54GS v1-v4 (experimental)
Not sure which version WRT54G/GS you have? Click here to check.
These patched versions were built from the Tomato sources with my patches on top. They work on my WRT54GL and WHR-HP-G54. Try them at your own risk, no guarantees!
For the geeks, if you want to recompile the Tomato source code yourself and implement my patches, download the source and follow the procedures to recompile Tomato, then untar my patches over the source directory.
With these patches, in the web admin page Advanced > Conntrack > Maximum Connections you should be able to increase the value to around 8192 (for 16MB RAM routers) and still get good response from the router. Be careful when increasing this value, because the router might run out of RAM, depending on which other features of Tomato you use.
UPDATE: QOS SFQ vs PFIFO
I no longer recommend using the PFIFO qdisc for QOS, and recommend using the (default) SFQ qdisc. If you have previously used the hidden setting to enable PFIFO, you can disable it by:
nvram unset qos_pfifo