Hardware Router Charts

These charts summarize the upload and download speeds of the routers we've tested. Did you find any surprises?
102 answers Last reply
More about hardware router charts
  1. Yes I did! This would explain my problems with my first SMC router... and why the WRT54GS it got replaced with has taken the same and heavier loads and not given me a single problem...

    I have a question though, what would get a router to qualify for QoS? I ask because the WRT54GS offers QoS tools and options for bandwidth management, but it is not listed as having them in the chart. :)

    Since the Linksys WRT54G is exactly the same router just without speedbooster, I'd assume it would also have the same QoS options?
  2. Quote:
    Since the Linksys WRT54G is exactly the same router just without speedbooster, I'd assume it would also have the same QoS options?

    True, I have a 54G v5.0 (which I bought for a really good price, otherwise would have gotten one of the older Linux-based versions). It has QoS on it that worked rather well. I am now using it as just a WAP and switch, with an old computer running IPCop for my router. But the features are there, since the latest firmware at least. I wonder if they are on any of the other routers, just unadvertized.
  3. I own the Linksys WRT54GS V3.0 and too very surprised about the throughput. Right now the router is sitting on a shelf and using an old PIII PC running IPCop with 4 NICs. Running like a champ. I picked up Kill-A-Watt to find out how much this old Dell OptiPlex GX150 uses and according to the meter it uses 31 watts which isn't bad at all. As for wireless access I am using the WAP54G connected to blue network.

    So I'm happy with the PC setup for a router.

    I noticed alot of ISPs are on a race to increase speed so it'll be matter of time when the current routers can no longer support the higher speeds.

  4. Thanks for the info on the QoS features in the Linksys routers. It had been awhile since I tested those routers, which didn't have the QoS features at the time. I've updated the chart.
  5. One of the niftiest routers out there is the Yamaha RT57i, voip, sip, nat, goats, everything and a serial console. Oh, wirespeed PPPoE, and pptp too.

    If you have more money, then the Yamaha RTX1100 is the way to go, it adds vlans, QoS, hardware accelerated VPNs, even more goats and SNMP.

    Unfortunately for most of the readership here, they aren't marketed outside the country, probably because you have no ISDN ^^;


    If you ever do get one for testing (I would find it interesting to see how they compare), then the magic command you need is "console character ascii".
  6. I had a big surprise - although, looking back it makes some sense.

    I had a 3COM 3c510 router from way back,... '00~'01... its internals are similar to the old SMC barricade. Whenever I used it to connect to either a DSL modem or cable modem, I always felt a bit disappointed in not seeing a serious throughput improvement later on in years. I assumed that since its WAN port was 10Mbit, I should see a difference in modem speed increases. But I had not. The latency never decreased significantly enough.

    I even tried a Linksys BEFSX41 for awhile, but didn't see an improvement over my older 3COM - the Linksys also loved to cut my sessions short randomly. I switched back.

    The 3COM recently died (aka a month ago), so I decided to splurge as I had back then on the 3COM, on the D-Link DGL-4300......


    Now looking at that chart I am surprised to see the Linksys was supposed to be a better performing unit.

    Thank you for that chart - I like to refer friends, etc., to examine the performace charts here for their buying decisions. This will help greatly as have the others.
  7. Glad to help. We are one of the few (perhaps the only) places that published throughput data on these products. Router speed didn't used to matter much in the buying decision, but higher throughput (at least for download) Internet connections are becoming more common.

    Wait until we start to publish UDP (streaming) data. Many more surprises there! :)
  8. I just got the Belkin Pre-N router from Costco. How do you think that will rate compared to this lineup? Any ideas?? (I have the DI-604 right now)

    BTW, awesome job on the lineup!! I've always wondered how different routers compared to one another and I've never seen it anywhere else like this, so this is some cool info! :D

  9. Good question. I have the router here so will try to get it added soon.
  10. Awesome! Thanks!! :)
  11. I have RCN cable connection 10Mb down and 700Kb up.
    I feel a major boost when I upgrade from my old netgear router to 3com router.
    Guess my 3com router is good enough for now.
  12. I have a D-Link DGL-4300 and a 10 megabit (both directions) fiber pipe. The D-Link DGL-4300 maxes out at about 1.8 megabits/sec up the WAN. I had hoped, based on the THG review and other postings, that it would do better than this. Why did they bother putting a 10/100 port on the WAN since it can't even come close to filling the 10?

    My test is to run eMule. This machine fills the upstream pipe (a megabyte a second, sweet!) if I put it straight into the fiber box. I tried the 1.6 firmware. I tried putting the machine in the DMZ. I've contacted D-Link tech support to see if they have any ideas. The only good news is so far at least the router doesn't crash or lock up like the SMC Barricade did. Note also that the gigabit LAN does not support jumbo frames.

    If anyone has any other ideas I'm game.
  13. I'm confused about your test setup

    This machine fills the upstream pipe (a megabyte a second, sweet!) if I put it straight into the fiber box.

    So you're saying that if you connect a computer running emule directly into your fiber modem, you get around 8Mbps upstream?

    The DGL-4300 has built-in QoS to manage upstream bandwidth (GAMEFUEL) that could definitely affect you. Make sure GAMEFUEL is DISABLED.
  14. The fiber box has a single static IP with a single port (I think 100Mbit since they offer 20 and 100Mbit service, and say ask for quote for gigabit service). If I use no NAT router at all, just computer straight to fiber box, eMule reports Upload of 1000 KBytes/sec. The correct number when I insert the DGL-4300 in between the computer and the fiber port is: 200 KBytes/sec. I always figure you'll lose 10% to overhead of some kind.

    When you upgrade the firmware, the DGL-4300 forgets all the old settings. In its initial dumb settings, most stuff is turned off, including GameFuel. I will double check though.

    The comparison chart is a great idea! As far as sucking up all the upstream possible, I suggest that eMule is a very good real world test. Does eMule strain the UDP or the TCP though?
  15. D-Link tech support, among others, suggested I turn off GameFuel AND all the advanced apps. Indeed, in version 1.6 of the firmware they are all turned on out of the box. Unfortunately, this only seems to have boosted me maybe 10%, up to 220 KBytes/sec. I think it would be important to characterize the load that p2p (eMule, BitTorrent, etc.) impose on a router. In fairness, this was sold as a gaming router, not a p2p router.

    We really need to use real world benchmarks in rating these routers. I mean, that is how games are tested. From what I've seen so far, the theoretical benchmarks are deceptive.

    I suggest another set of comparisons and charts: actual sustained eMule upstream performance. Downstream could also be measured.

    Would still like to profile the eMule load, how exactly the DGL-4300 falls down, and which theoretical benchmark this puts the lie to.
  16. Quote:
    This table summarizes the upload and download speeds of the routers we've tested. Did you find any surprises?

    I found the 4300's routing performance to be superb. Figure 14 shows essentially 100Mbps wire-speed performance, which puts the 4300 in the same class as the Linksys WRT54GX, Buffalo Technology WZR-RS-G54, and ASUS SL-1000 . I used Qcheck to run Response Tests, which came in as I expected at 1mSec - the lowest that Qcheck can measure.

    My surprise was that in a real world application, eMule, the D-Link DGL 4300 is hardly superb or wire-speed. In fact it is only 2.5% of wire-speed. I'll dick with it for a few more days but right now it looks like I have to sell the thing off. The alternative is to keep the p2p box straight on the FTTH, and hang the rest of the network off the back of it off a second NIC and use Windows Internet Connection Sharing. Removing the 4300 and going direct will get me up from the 250 KByte bottleneck to 1000 KBytes/sec on eMule.

    It would be interesting to characterize the load that eMule imposes, but bear in mind that it only opens 40 connections before the DGL-4300 throws in the towel. I've tried turning off almost every feature and I'm starting to give up hope.

    IMHO there is a huge discrepancy between the graphs put forward and the actual real world performance. If you had a 10 mbit FTTH pipe, what would you do with it? Certainly p2p is a primary use. Just as graphics card reviews have page after page of benchmarks in Quake, Serious Sam, Unreal, etc., router benchmarks demand graphs of performance in eMule, BitTorrent, Newsbin, etc. Just upload and download some recent Linux distros and report the results. Wire-speed my foot.
  17. I went into the advanced menu and turned off all the advanced features, including gamefuel and even SPI. Obviously, I need one feature to route the eMule ports, and I've tried 3 different ways to do this with little difference.

    eMule reports 40 connections, and in the XP command line, netstat -a reports 160 connections. 90% of them are TCP not UDP. Honestly folks, is that asking very much from a router?

    At best, the D-Link DGL-4300 pushes up 250KBytes/sec, not the 1000KBytes/sec I get when I go direct, and only about 2.5% of the "wire-speed" horse-sh*t I've seen bandied about.

    I'll try to leave this config up for another day or two in case anyone (including D-Link) has any bright ideas, but right now its looking like "D-Link DGL-4300 For Sale, Cheap".
  18. Quote:
    At best, the D-Link DGL-4300 pushes up 250KBytes/sec, not the 1000KBytes/sec I get when I go direct, and only about 2.5% of the "wire-speed" horse-sh*t I've seen bandied about.

    I'm trying to help here, and it sounds like you're frustrated with the situation. The product is wire-speed when tested as described in the test procedure linked from the review.

    Is is just upload speed that is limited by the router? What about download?
  19. Basically, I'm a pioneer who's taking one for the team here. I'm not frustrated with you. Though I have to ask some serious questions about the usefulness of the theoretical benchmarks on which you've based most of your tests and your comparison graphs, about whether the test procedure has any bearing on the real world. Setting aside any emotions, my bottom line suggestion is that Tom's Networking do real world tests of routers (as is routine with every test of a graphics card). Just run eMule and put up some recent linux distros, that will suck every bit of your upstream. Can I convince you to try this with your DGL-4300? I think even most laptops could muster 10 megabits, if you could find a network somewhere that would let you jack in. I also suggest you add a BitTorrent graph. I agree that this adds the vagaries of the internet, but actually if the internet is construed as an infinite source/sink, I think its valid.

    I'm not sure have any good tests for download, with or without the router in the loop. Maybe I could try to find some of those same popular downloads and set them up on eMule and see what happens. The nice thing about eMule tests is they tend to set up several sources across the internet, plus they are easy to set up. That and they are one of the few real world situations people might use these routers for. Surely, adding upstream to p2p is a noble goal.

    I turned of SPI and it might have got me from 220 to 250KB/sec. The feeble upstream is a deal killer for me, but would you expect the downstream to be worse or better than the upstream?
  20. Unfortunately, I don't have access to an Internet connection that supports upload speeds anywhere near what you have. Fiber-based connections are just starting to roll out in the U.S., but they won't be anywhere near me anytime soon. So Internet-based testing is out.

    I suspect that the performance issue you are running into is similar to one that gamers long ago found with the server "discovery" techniques used by some applications. These applications would launch dozens, if not hundreds of server queries in a very short time, opening up more simultaneous connections/sessions than most of these products were designed to handle.

    In the end, I think that the applications were modified to allow the user to set the max # of simultaneous queries because most consumer routers just didn't have the memory available to allow port mapping tables with hundreds of entries.

    For eDonkey/emule it's not just simultaneous pings, but high-speed file transfers that are launched in the dozens. Each transfer needs session management, a (deep) buffer, CPU time and code tight enough to keep data flowing smoothly into and out of the buffers. This is probably beyond the design goals of most consumer routers, especially given the legal issues around P2P networks.

    eMule reports 40 connections, and in the XP command line, netstat -a reports 160 connections. 90% of them are TCP not UDP. Honestly folks, is that asking very much from a router?

    From the explanation above, the answer is yes, that can be asking a lot if many of those sessions are continuous file transfers.

    The reason I asked about download speed was just to see if the problem you're having is symmetrical. You're complaining about the upload speed, but not the download, so I was just trying to find out why.

    A better approach might be to work with the eDonkey network settings. It could be that "less (connections) is more" when it comes to high-bandwidth connections. You might also see if newer clients really do have the "highly optimized code" referred to in the eDonkey FAQ http://www.edonkey2000.com/documentation/confignet.html, which supposedly don't need to open as many connections.

    As far as changing our test techniques, we'll give it some thought, since as you said, P2P is pretty hot, especially for users with big Internet pipes. My guess is, however, that it will be awhile, if ever, before consumer routers are designed to not be a bottleneck for P2P on high-bandwidth Internet connections.
  21. I ran some experiments with IxChariot and a DGL-4300 upgraded to firmware 1.6. I used the throughput.scr script and TCP/IP. The throughput script basically sends data as fast as it can from one machine to another.

    IxChariot lets you replicate test pairs, which basically creates multiple virtual machines running the test.

    I first ran a one minute test with one connection each up and downstream and got 130 Mbps total throughput. This is higher than my single stream test, which was most likely being limited by something in TCP/IP. I then increased the number of up and downstream pairs. I saw 123Mbps total throughput with 63 up and down pairs.

    At 64 pairs (128 connections) I started to get failed connections, but the router stayed up and handled the other traffic.

    While this doesn't explain your problem, it says that the router is doing a pretty damned good job for a consumer piece of equipment!
  22. There are not a lot of places on the planet that offer FTTH, I think there was 1 square block of Palo Alto that had it as a trial, until SBC queered it. Comcast has got 4 or 6 megabit downstream, but they're a long way off on upstream. And to tell you the truth, my provider here seems to not be offering me the full pipe for the last few days, so some of my above whining should be discounted. Embarassing. I'll fool with it some more in the coming days, though I did notice I went from 250 up to 300 KB/sec as soon as I took the DGL-4300 out of the loop. (How come I didn't go up to 1000 like I used to is the other question). I should also try to determine if I can get the full pipe downstream.

    I again encourage you to consider adding real world benchmarks: this is just plain standard for benchmarking graphics cards. If people ever get any bandwidth, what are they going to do with it: p2p.

    I still think you could haul a laptop and a router over to a friendly university or corporation or ISP and borrow a fat pipe. There are legal uses for p2p and you could test it with linux distros.

    Will post more results when I can set up a clean experiment.
  23. It sounds as though with all of what is going on at your end, you may want to consider building your own NAT/firewall/DHCP box via a form of linux.

    You mention you have fiber to the home, yet I'm curious as to what media conversion is going. Do you own the equipment that is converting from fiber to say Cat6, or what is it entering your place?
  24. Quote:
    It sounds as though with all of what is going on at your end, you may want to consider building your own NAT/firewall/DHCP box via a form of linux.

    You mention you have fiber to the home, yet I'm curious as to what media conversion is going. Do you own the equipment that is converting from fiber to say Cat6, or what is it entering your place?

    The ISP simply gave me a tiny metal box with fiber in and a single 10baseT plug (well, it must be 100 or 1000, since they also offer 5, 10, 20, 100 and 1000 mbit service) out and a single static IP.

    I've been reading about this http://www.wi-fiplanet.com/tutorials/article.php/3562391
    and this
    Interesting but I doubt the Linksys has the horsepower. I wonder what speed CPU and how much memory are in the DGL 4300?
  25. Since some of the article discussion was dedicated to the D-Link DGL-4300 and I also have one, I'd like to know if putting one machine in the DMZ can really help improving performance (especially if that machine is the one doing most traffic/connections).

    In my specific case, I'm happy with my DGL-4300, but I don't have an upload speed nowhere as good as luh3417's. Anyway, I also agree with having more "real life" tests (heavy eMule use being one of them).

  26. If your speed is trending downward, I wouldn't doubt that your ISP is watching for P2P type traffic and possibly doing some sort of throttling.

    Info on the DGL-4300 internals is here:
    http://www.tomsnetworking.com/2005/03/04/review_dgl4300/page3.html. Sorry that I didn't get the RAM and Flash info.

    Unless Linksys has upgraded the processor on the WRT54 non-MIMO routers, they won't provide anywhere near the performance of the DGL-4300.

    The experiments I described in my earlier post had the LAN-side machine both in DMZ and with the ports forwarded for IxChariot to work. DMZ generally doesn't make a throughput difference, since the NAT "engine" is still involved, forwarding all ports instead of just selected ones.

    As I said, I am considering adding other tests, but they will not be Internet based. However the experiment I ran with the 100+ simultaneous connections indicated that there may be some other, possibly ISP-based effect, occurring that is limiting bandwidth.
  27. Just noticed the update to the chart. Thanks, Tim, for looking at the Belkin! It looks like I will be much happier with the throughput than I have been with the DI-604.

    Look forward to the future updates! 8)
  28. The interresting thing to test, is how much the routers will cause lagging due to response time. I own and run an internet game cafe. Today I use an ordniary PC as a router for all my computers, as I found this constallation to be the most fastest one and less lag. But I would actually prefer a router, since this has short startup times, lower power consumption and easier to use. I've tested a D-Link Router once, but my customers complained about noticeable lagging in our on-line games, and I therefore had to bring back the PC-Router again. That removed the lagging AND the complaints from my customers. Today I use 40 gaming clients on a 2 mbit ADSL line, which actually does the job very good at this bitrate.

    A test using a scenario similar to mine, would be most welcome.

  29. At my previous home i had 10mbps fiber service as well. I ran a Linksys router (sorry do not know the model, but it would be maybe 2 years old by now?) with this connection.

    The whole setup was fiber to the house, then sent through cat5 into the house to the router, and wired by cat5 to the NIC.

    I two had a problem with upload speeds when doing file sharing, but mine were only with FTP (did not matter what port I set it up on), and on AOL Instant Mess. The file transfers would max out anywhere from 170-220kbps. The only way for me to get around this problem was to allow users more than one connection to the ftp, and have them download another file at the same time. That way they would be downloading at 440kbps, but via two ftp connections and so on. I once did a test with a friends server in Texas (I am located in Cali) where we opened 12 connections through FTP. 6 for uploading and 6 for downloading, and were able to achieve 1200/1200 u/d.

    I had no bandwidth restrictions in the FTP program settings, I was the DMZ and had all the ports forwarded to my box.

    I also should add that while doing torrent activity my upload speed was not affected at all. I could control the speed all the way up to 1200kbps with no noticable restrictions on speed. But then again this was a good 2 years ago when torrents were not as main stream and watched for as they are today.

    The main thing that makes me think it is a ISP related issue is that when I did file transfers between me and a friend on the same ISP services, the speeds would not suffer. I could both send and recieve at 1200+kbps for an extended period of time.

    I never really thought about it too hard until right now, but from gathering what luh3417 has described and from my own personal experiences, it seems like the ISP was limiting traffic on ports known for illegal p2p activity, etc. Its also possible that they are restricting your speeds due to high network load across their service area.

    This is just my two cents. I am not a technitian, have a degree in this field or a whole ton of experience. So I guess just take when I have said with a grain of salt? Hope it helps to shed some light on things. :D 8) 8O
  30. Curious about the Linksys/Cisco RV0 series...as in my area, most connections are 6 or 8 megs now..but with faster connections looming on the horizon...well, I do a lot of installs of these for small-medium business networks.

    I see you tested the RV082 quite a while ago...a few firmware versions ago. They just released, this past month, a new firmware, which according to Linksys....

    ..."RV082 Firmware v1.3.2 Release Note

    There are two firmware systems used by RV082. One is firmware v1.3.x which uses the newer Intel CSR1.2.2. The other is firmware v1.1.x which uses the original Intel CSR1.1. The look and feeling are quite similar, however, the v1.3.x firmware provides more features and better performance than v1.1.x. For example, the NAT firewall throughput has reached 200Mbps (bi-directional wire speed) and the IPSec throughput (3DES) has a maximum over 90Mbps."

    Was disappointed to see it hover around 20 megs throughput in your test...I'd seen another article somewhere that showed around 60 I think...curious to see if you'd still have one available to test with the new firmware.

    It's a fantastic business grade router, nipping at the heels of Sonicwalls, Watchguards, little Cisco PIX boxes...at 1/2 the price. Would love to see performance numbers stick up for it more. :) 533MHz under the hood..she should be able to do a bit better.

    Any chance of getting her on the bench again?

  31. David Cook wrote several articles on m0n0wal a while back. I would argue that it could deserve a place on the chart, excpet for the many different platforms on which it can run-- thereby needing: your mileage may vary disclaimer

    According to http://m0n0.ch/wall/facts.php throughput on a Soekris net4501 is about 17 Mbps, 50Mbps on a net48xx or WRAP board, and limited by NIC on a PC.
  32. luh3417:
    I've experienced similar issues with the WRt54G with a modified firmware (the sveasoft) and from what i found online apparently the cpu can't handle their pppoe implementation (spikes to a 100% throttling it).
    As someone else suggested the best solution probably would be a linux box, though i'm still looking for a simple package to implement all functionality present in a standard router with a similar interface.

    about your post regarding m0n0wal is there something similar that can be added to an existing install of Suse (I dont want to be wasting the power of an extra box if I dont have to. Also heh is there any way to bond two connections that way as well? (1 cable / 1 fios connection distributing total bandwidth over the network)

    PS I've got 30 Mbps down / 5 Mbps up FIOS
  33. My cable co. recently updated to 9mbit down and 1mbit up. I added to that sweetness with a DLG4100 router, and I'm not seeing any of the problems posted here by other DLG owners. I get a full 15mbit down average peaking over 20mbit at times. This router handles the speed with aplomb and keeps going. Any speed problems seen by others here may be due to their ISP or wireless interference, not the DLGs.

    So far the only problem I have is finding good internet speed test web sites, as my link out does all of the currently available sites.

    I've only verified the test by downloading multiple files in unison from Microsofts MSDN sites, which have increadably large outgoing pipes. Though I could figure there are other sources for high transfer downloads from multiple links.
  34. luh3417,

    I'd like to share a problem I ran into early with the DLG router I have. (BTW it also affected a Linksys RV042)

    When I first installed the router I started having problems accessing some of the web sites that I frequent. I trace routed the sites addresses and was being stopped in the middle somewhere with response time outs. D-Link was EXTREMELY helpful with this problem and returned real answers and not watered down "consumer" answers. I was and still am impressed by their tech support team.

    Anyway, what the problem turned out to be was the MTU settings. Using "auto" would sometimes cause the packets to be incorrectly sized for communication with some of the internet's backbone routing systems. (remember this affected a Linksys too.) I first set the MTU off of auto and set it to 1492. Bingo! The problem was fixed.

    After reading more about this, I found that even lower MTU settings can help on-line gaming too. I finally ended up with an MTU of 1024 and got some of the best ping results I've ever seen. But, alas had to up the MTU back to 1364 because my Xbox360 would not connect to Live without the MTU being at least 1364 (go figure.)

    You might try setting you MTU in the DLG to 1492 and see what happens to your through put then. Your P2P software may be having communication problems due to the "auto" setting. The MTU is found in the "Basic" tab under "WAN" and the "Advanced" button at the bottom of the page (nice of them to hide it.) Please let us know if you see any difference with that setting.
  35. Quote:
    The interresting thing to test, is how much the routers will cause lagging due to response time.

    Today's consumer routers generally have response times below 1mS (the limit of our measurement tools). The rare times when I see anything higher than a millisecond is usually due to a buggy implementation of the Stateful Packet Inspection (SPI) firewall features. Depending on the router, you might or might not be able to get rid of SPI-caused lag by disabling the SPI feature on the router.
  36. Narg,

    Good suggestion on trying to adjust MTU. I'm not sure why it helped ping times, but it definitely could help speed up file transfers.

    You do need to be careful with the setting, however, as you found with XboxLive. Some sites/services are particular about how packets are fragmented.
  37. YeOldeStonecat-

    Re getting the RV082 in for a retest, the chances right now of that are none. Linksys currently will neither supply product for review nor communicate in any way with TomsNetworking due to its disagreement with our editorial policies.

    Glad to hear that the RV082's are doing well for you. They had a rocky start with many bugs...
  38. Re: FTP throughput limits

    You were probably running to the limits of your TCP buffers. Read up on Bandwidth Delay Product.

    Re: Router testing

    I'd really like to see how the real gear compares. I don't suppose you'd want to do an eval of low-end commercial firewalls? I'm thinking the Netscreen 5gt (now owned by Juniper), WatchGuard Firebox SOHO 6/6tc, etc. I have a Netscreen 5XT (the predecessor to the 5GT) as my firewall/router, and have been nothing but pleased. Of course, it does cost more, but I needed something that would support multiple upstream IP addresses, and I was tired of maintaining my Solaris x86 based firewall.
  39. We've tested some "real" products about three years ago:


    Which makes them pretty ancient now. We'll look into doing more in the future. Don't expect anything from Cisco, who tend to balk at providing product for review.
  40. Are you planning on doing a review of the D-Link DI-624 (revC) anytime soon? I would love one since I just bought one myself...
  41. The chart was interesting, thanks for this effort and for every other for the last x years! :lol: I'm bothered by a couple things in this router market.

    First, most of the newer routers are wireless, and I'm not yet prepared to cut the cord for my internal networks. Reviews of wired devices are pretty old and it's difficult to compare quality of newer devices to older.

    Second, these routers are often plagued by issues completely unrelated to performance. Advertised "features" are irrelevant if the firmware doesn't properly support them. I've had a Linksys BEFSX41 for a few years as an example. I can't tell you what a challenge it has been to find a firmware cut that doesn't break everything else - the latest is absolutely not the greatest. You need to decide if you want the router to support tracert or VPN, torrent or ping, DHCP or some IM clients. (I don't recall specific issues, those are inaccurate but very close examples.) You then need to find some hacked firmware that supports the features that you want at the moment.

    Third is support. It seems these companies lose interest in supporting their devices and related firmware faster than other industries. The push is to move on to sell something new even though what they have doesn't work properly. Many companies do this but the practice seems even more prevalent with firewall/routers. In some cases the devices and/or firmware aren't even developed or supported by the companies who brand them, so their answer to "support" is to contact another company, often some guy in China, Russia, or Germany, who may not have time to tweak the code anymore. I've had long exchanges with official Support departments who didn't have a clue that the issues I was reporting were commonly known among forum members, or that the stock solutions they were proposing were already tried and invalidated years ago.

    Fourth and last, when I investigate a firewall/router, I am as much interested in the firewall capabilities as the routing. We almost never see any data regarding how well protected our networks are, it's all about speed and the ability to open ports rather than secure them. I am much more concerned about protecting my network than performance. Maybe I don't know enough about how people exploit these vulnerabilities but I'm surprised to see few firewall-related patches applied to hardware devices, with responsiveness similar to software anti-virus protection. Are there so few known exploits? Is it assumed that even if we have a hardware firewall that we're using something like ZoneAlarm or Windows Firewall? Then what's the point of having a built-in firewall? I was at a presentation where a SonicWall sales guy was essentially selling his products on the basis that NAT-based hardware firewalls were inherently insecure. OK, chalk that up to scare tactics, but if the propaganda isn't refuted then how do we know?

    I'm not sure if OSS soft firewall/routers are subject to the same issues but I'm more inclined to go this direction now than I am toward hard solutions. I used to use the floppy distro "Share-The-Net", and I'm about to look at Smoothwall and IPCop. As someone else here mentioned, performance comparison with these soft solutions is largely dependent on the hardware running them, but it would really be nice to see these included in an overall comparison of firewall quality and intrusion prevention and reporting.

    Thanks for your time and to everyone here for their interesting comments.
  42. As has been mentioned before in this thread, linux boxes are a great solution, at least in my experience, but just how great are they? I would really like to see a home-brew solution in your chart. I run a linux router that I paid around $10 for. $5 for the computer from my school's used computer auction and a couple dollars each for some NICs. It has a 200Mhz PII processor and 192MB of memory, and it also acts as a web cache which really speeds up browsing. It's running IPCop. It would be great to see how a solution such as this compares to the latest consumer products.
  43. Luh,

    It sounds to me like your service provider is running some sort of traffic management. Something like this.


    The NetEnforcer is essentially a QOS Appliance on steroids. The NE can operate all the way to layer 7 so it can control bandwidth, per PC and Per application. When you are connected to a traffic managed network your traffic falls into a default "pipe" and as the device learns about your machine mainly the Mac Address and a few other things you will be given the bandwidth you have paid for, certain applications may be accelerated others will be restricted. I have one service provider that gives many online games priority over everything but VoIP, VPN and Video and basically sends P2P back to the stone age. So switching from the router which would be a known device to a direct connection to your PC you may have alluded the device momentarily, eventually it will catch up with you. I would talk to your service provider and see what they say about traffic management.

    Now in a proper managed network you will be informed that this will happens, usually in the fine print. A poorly managed NE or other traffic shaper can cause countless problems for a service providers and their customers. The most progressive service providers will sell you a service level for say P2P or Games for a small fee 5 or 10 bucks a month something like that. P2P is very expensive for service providers they have to pay for the bandwidth coming out of their network so Traffic Management helps them lower costs and keep your broadband connection affordable.

    Traffic Management and open networks are a heated topic the best providers in my opinion will always offer customers a way to get what they want. The worst block everything they can and tell you about it after you have signed a year contract and then offer no solutions. I unfortunately deal with the latter.

    One option to avoid being traffic managed is to get a VPN connection from a 3rd party. This does a pretty good job of hiding your traffic from a Traffic shaper. All the device sees is VPN not individual traffic types. The drawback is that you have to pay a VPN provider for that and you are at the mercy of their network connection.

    To be open I should let you know that I do resell NEs but I do not work for the company that makes them.

    If you have made any discoveries about the Dlink problems it would be great to hear.
  44. The absolute fastest solution to bittorrent is to run it on a webserver. One of my friends pays a monthly fee for a server at a hosting company. He hosts several websites and some software called torrentflux. It's basically a bittorrent client that runs on a webserver and can be used via any browser. You let your torrent run and then download it from the server via http or ftp. I've seen torrents download at over 1 MB/s and I've transferred completed downloads to myself at over 2MB/s. Just to clarify the above figures were in bytes, not bits. And before anyone shakes their head at the 2MB/s figure, I live at college and it was the middle of the night so I was darn near maxing out the 25 mbit connection that my school has.
  45. Yup sounds about right good way to get around the man and his filters. Http is http. More flexible than a VPN service you have the option of hosting other things as well.
  46. Quote:

    Re getting the RV082 in for a retest, the chances right now of that are none. Linksys currently will neither supply product for review nor communicate in any way with TomsNetworking due to its disagreement with our editorial policies.

    If one were to appear at your doorsteps for a short visit? :wink:
  47. Quote:

    I've had a Linksys BEFSX41 for a few years as an example. I can't tell you what a challenge it has been to find a firmware cut that doesn't break everything else - the latest is absolutely not the greatest.

    After having installed/deployed/supported a bit over 200 of those sx41 units (in my opinion..the best "under 100 dollar router" out there)...I hope you came to the conclusion old 1.45.7 was the best firmware. Stay away from any 1.50x and 1.51x variants, and 1.52.9 is somewhat OK...memory leak if enabling UPnP though.
  48. Quote:

    Re getting the RV082 in for a retest, the chances right now of that are none. Linksys currently will neither supply product for review nor communicate in any way with TomsNetworking due to its disagreement with our editorial policies.

    If one were to appear at your doorsteps for a short visit? :wink:

    I'd be happy to run it.
  49. Mr Higgins,

    thank you for a very informative article. I would like to know what would be the benefit of moving from these "home" $100 routers to a Cisco one either an 800 series or 1800 series. I understand that the Cisco routers have more memory.

    To understand my case, I now have a 1mBit connection and I would upgrade to an 8Mbit one when it becomes available (I live in Nicosia, Cyprus, Europe). I use to have a Netgear wgt624 and had problems with it, as everyday it would drop the internet connection and I had to reboot both the router and the modem. I now changed to a 3Com Officeconnect Wirelss G Cable/DSL router and everything is better but again perfect. The connection drops evry 3-4 days. I have to say I am heavy Bit Torrent - Emule user and have one PC on my network dedicated on this. My network connects over 20 devices, 10 of the PCs and various other gear: printers, satellite decoders, pvrs, audio servers, e.t.c.

    Would a Cisco router offer better performance for me? What are the other benefits if I change to a Cisco router?

    Thank you.
Ask a new question

Read More

Article Discussion Hardware Routers Download Product