Posted: Wed Aug 06, 2014 9:39 Post subject: DDTB (HW-NAT) routing performance on ARM-based AC routers
Update: Starting with 24850M (page 4), I am seeing high speeds in lab setups, but when connected to my ISP, I am also seeing the broken connectivity problem that many (but not all) users have reported.
- Original post below -
I recently got Google Fiber, which has gigabit WAN. Unfortunately, this meant that my existing router (a TRENDNet TEW-673GRU running DD-WRT build 23919) could not handle the full WAN speed--it gets about 340Mbps.
So I got a WZR-1750DHP, and flashed it with build 24760 to try out DDTB (DD-WRT TurboBoost; the re-implementation of Broadcom's CTF). I maxed out at 265Mbps.
So the older single-core 680MHz router running a build of DD-WRT without DDTB outperformed a newer router with dual-core 800MHz CPU with a DD-WRT build that uses DDTB.
* I ran "iptables -vnL -t raw" as Kong suggested in another thread, and confirmed that ddtb is indeed active.
* No, I was not using QoS. And the new router was configured similarly to the old router.
* I didn't get a chance to test the stock firmware because my ISP requires VLAN tagging and CoS marking, which is something that the stock firmware does not support.
Anyway, I remember reading in another thread Kong saying that these builds of DDTB are actually debug builds and are slower, but it still surprises me that it couldn't even beat the DD-WRT of a 4-year-old router. (Which is fine--I know that DDTB is a very new thing and that the dust has yet to settle on it, and I think it's exciting that this is being worked on. I was just worried that maybe there was a problem on my end.)
Has anyone else tried out DDTB? Are you seeing something similar too, or am I doing something wrong?
Last edited by code65536 on Sun Aug 17, 2014 14:55; edited 3 times in total
Posted: Wed Aug 06, 2014 11:48 Post subject: Re: DDTB routing performance on ARM-based AC routers
code65536 wrote:
I recently got Google Fiber, which has gigabit WAN. Unfortunately, this meant that my existing router (a TRENDNet TEW-673GRU running DD-WRT build 23919) could not handle the full WAN speed--it gets about 340Mbps.
So I got a WZR-1750DHP, and flashed it with build 24760 to try out DDTB (DD-WRT TurboBoost; the re-implementation of Broadcom's CTF). I maxed out at 265Mbps.
So the older single-core 680MHz router running a build of DD-WRT without DDTB outperformed a newer router with dual-core 800MHz CPU with a DD-WRT build that uses DDTB.
* I ran "iptables -vnL -t raw" as Kong suggested in another thread, and confirmed that ddtb is indeed active.
* No, I was not using QoS. And the new router was configured similarly to the old router.
* I didn't get a chance to test the stock firmware because my ISP requires VLAN tagging and CoS marking, which is something that the stock firmware does not support.
Anyway, I remember reading in another thread Kong saying that these builds of DDTB are actually debug builds and are slower, but it still surprises me that it couldn't even beat the DD-WRT of a 4-year-old router. (Which is fine--I know that DDTB is a very new thing and that the dust has yet to settle on it, and I think it's exciting that this is being worked on. I was just worried that maybe there was a problem on my end.)
Has anyone else tried out DDTB? Are you seeing something similar too, or am I doing something wrong?
Just use iptables command to check if your traffic goes through ddtb, e.g. do a reboot, then run your speedtest, now you should see how much traffic went through ddtb, e.g. in my case 1168MB tcp traffic ...:
if it looks like no data goes trough ddtb, then you can check other targets and debug it.
Possible reason why throughput is bad: you ran speedtest while going through privoxy, privoxy needs quite some cpu power and would slow down the speedtest. _________________ KONG PB's: http://www.desipro.de/ddwrt/
KONG Info: http://tips.desipro.de/
Chain OUTPUT (policy ACCEPT 2064 packets, 1407K bytes)
pkts bytes target prot opt in out source destination
So it looks like it's going through ddtb as expected...
* QoS is disabled.
* privproxy is disabled.
* SPI firewall is disabled.
* I do have VLAN tagging enabled for the WAN port in the VLANs tab (required by the ISP), and I also have "vconfig set_egress_map vlan2 0 3" as required by my ISP, but these things are uplink-only, if I'm not mistaken?
When I look at top before, during, and after a speed test, nothing is above 1% usage before or after. And during the test, ksoftirqd is about 50% (and overall usage shows 50% sirq). I assume this is normal?
When I look at top before, during, and after a speed test, nothing is above 1% usage before or after. And during the test, ksoftirqd is about 50% (and overall usage shows 50% sirq). I assume this is normal?
That means it is maxed out and hw acceleration probably does not work with vlan tagging. Only BrainSlayer can answer that. _________________ KONG PB's: http://www.desipro.de/ddwrt/
KONG Info: http://tips.desipro.de/
I decided to run a "lab" test with one of my machines connected to the WAN port (so that I could test it without the VLAN tagging and CoS marking).
I did a factory-reset on the router, and used all default settings for my first test, which was downloading a large file over HTTP from the WAN-side computer. That yielded 30-31MiB/s, which is about 250-260Mbps.
Next, I added a port-forwarding rule for port 5001 for iperf. The iperf tests yielded about 255Mbps WAN-to-LAN and 210Mbps LAN-to-WAN.
So the results are all consistent with each other and with the real-world results that I got with the router hooked up to my ISP.
I would enable the SPI firewall. I'm not sure what this option does at iptable's level in DD-WRT, but it could possibly prevent ddtb from working properly.
I decided to run a "lab" test with one of my machines connected to the WAN port (so that I could test it without the VLAN tagging and CoS marking).
I did a factory-reset on the router, and used all default settings for my first test, which was downloading a large file over HTTP from the WAN-side computer. That yielded 30-31MiB/s, which is about 250-260Mbps.
Next, I added a port-forwarding rule for port 5001 for iperf. The iperf tests yielded about 255Mbps WAN-to-LAN and 210Mbps LAN-to-WAN.
So the results are all consistent with each other and with the real-world results that I got with the router hooked up to my ISP.
Running the lab test you used iptables -vnL -t raw
to check you correctly configured the router? If you did not set the gateway on your router ddtb will not be active. _________________ KONG PB's: http://www.desipro.de/ddwrt/
KONG Info: http://tips.desipro.de/
Kong, I set the gateway on my router to my modem IP. Does that work or should I set it to the ISP gateway? _________________ R7000 Nighthawk - DD-WRT v3.0-r50308
R7000 Nighthawk - DD-WRT v3.0-r50308
~~~~~~~~~~Dismantled for learning opportunities~~~~~~~~~~
WRT54Gv2
WRT54Gv8.2
~~~~~~~~~~Other Settings~~~~~~~~~
https://nextdns.io/?from=2d3sq39x https://pi-hole.net/ https://github.com/DNSCrypt/dnscrypt-proxy
I would enable the SPI firewall. I'm not sure what this option does at iptable's level in DD-WRT, but it could possibly prevent ddtb from working properly.
That was me getting desperate and trying everything. I first did this with SPI still enabled, and my lab tests were all done with the default router settings, so SPI was enabled in those tests, too. It made no difference whether SPI was enabled or not.
<Kong> wrote:
Running the lab test you used iptables -vnL -t raw
to check you correctly configured the router? If you did not set the gateway on your router ddtb will not be active.
Yes, I did verify that ddtb appeared. The router also had a gateway set (I tried it once where I explicitly set the WAN gateway address, and once where the WAN provided one via DHCP--same results both times).
I tried the lab test again today with the new 24800M build because I saw that BS had made a ddtb-related commit, but the results were still the same. This is iptables -vnL -t raw after my lab tests today on 24800M:
Is DDTB hard-coded to be active only on specific router models?
(I also find it a little surprising that my 4-year-old TEW-673GRU running DD-WRT 23919 with a single-core 680MHz MIPS gets slightly faster WAN speeds than this dual-core 800MHZ ARM--though I guess core count isn't important since routing appears to be single-threaded; does MIPS have better IPC efficiency than ARM?)
I would enable the SPI firewall. I'm not sure what this option does at iptable's level in DD-WRT, but it could possibly prevent ddtb from working properly.
That was me getting desperate and trying everything. I first did this with SPI still enabled, and my lab tests were all done with the default router settings, so SPI was enabled in those tests, too. It made no difference whether SPI was enabled or not.
<Kong> wrote:
Running the lab test you used iptables -vnL -t raw
to check you correctly configured the router? If you did not set the gateway on your router ddtb will not be active.
Yes, I did verify that ddtb appeared. The router also had a gateway set (I tried it once where I explicitly set the WAN gateway address, and once where the WAN provided one via DHCP--same results both times).
I tried the lab test again today with the new 24800M build because I saw that BS had made a ddtb-related commit, but the results were still the same. This is iptables -vnL -t raw after my lab tests today on 24800M:
Is DDTB hard-coded to be active only on specific router models?
(I also find it a little surprising that my 4-year-old TEW-673GRU running DD-WRT 23919 with a single-core 680MHz MIPS gets slightly faster WAN speeds than this dual-core 800MHZ ARM--though I guess core count isn't important since routing appears to be single-threaded; does MIPS have better IPC efficiency than ARM?)
No mips is in general slower, I guess the unit also has hw nat enabled.
But back to your problem. In my test on the 1Ghz ARM I have ~850/~550 Mbps. As ddtb obviously works, the error must be somewhere else. Are both WAN and LAN connected via wire? What's the output of:
No mips is in general slower, I guess the unit also has hw nat enabled.
But that router's an Atheros, and it's running build 23919--before ddtb was introduced. Or did you mean that there is a different form of hardware NAT that DD-WRT supports on Atheros routers?
Quote:
Are both WAN and LAN connected via wire?
Yes, all of my tests have been wired. Both machines used in the lab test also produce 900+ speeds LAN-to-LAN.
Anyway, here is the information that you requested:
cat /proc/cpuinfo
Code:
model name : ARMv7 Processor rev 0 (v7l)
processor : 0
BogoMIPS : 1594.16
Features : swp half thumb fastmult edsp tls
CPU implementer : 0x41
CPU architecture: 7
CPU variant : 0x3
CPU part : 0xc09
CPU revision : 0
model name : ARMv7 Processor rev 0 (v7l)
processor : 1
BogoMIPS : 1594.16
Features : swp half thumb fastmult edsp tls
CPU implementer : 0x41
CPU architecture: 7
CPU variant : 0x3
CPU part : 0xc09
CPU revision : 0
Hardware : Northstar Prototype
Revision : 0000
Serial : 0000000000000000
The following is from my production configuration, which has a number of port-forwarding rules (not my lab-test configuration, which is with default factory-reset settings). I'm not sure which you wanted (or if it matters, since I observed the same results either way).
I tried the lab test again today with the new 24800M build because I saw that BS had made a ddtb-related commit, but the results were still the same.
FWIW look again, the commit you are refering to was introduced after 24800.
But has nothing to do with any performance problem.
We are steel seeking a bug with incoming udp packages, that are directed towards the router.
I can't see anything wrong in the above output so all I can do is retest, describe how I tested, so you can reproduce it. _________________ KONG PB's: http://www.desipro.de/ddwrt/
KONG Info: http://tips.desipro.de/
I first did this with SPI still enabled, and my lab tests were all done with the default router settings, so SPI was enabled in those tests, too. It made no difference whether SPI was enabled or not.
