Posted: Wed May 12, 2021 23:05 Post subject: Just got fiber! But Asus RT-AC68U & DD-WRT running slow
I've used an Asus RT-AC68U router with DD-WRT for years now and love it. I just upgraded to symmetrical fiber (1 Gig up/down) and I can get those speeds directly connected to the Modem. However, once I introduce the router, those speeds are cut in half.
I upgraded to the latest beta firmware and this didn't offer any change. I've done a little research and found others who have run into this issue with other routers and seems to typically be an issue with DD-WRT not being able to take advantage of hardware acceleration, however, going back to the manufacturer's firmware (not DD-WRT) will provide hardware acceleration. I would rather not do that and stay with DD-WRT. Is there anything I should be doing? Should I just upgrade the router? If so, any recommendation on which on can take full advantage of Gigabit Fiber coupled with DD-WRT? Thanks in advance for any help.
Go to the DD-WRT Setup page, Basic Setup tab, under "Optional Settings", enable "Shortcut Forwarding Engine". You might have to test some of the options (CTF or SFE) to see what's best with your setup. I haven't tried the "Flow Acceleration" options on my R7000, but that might help too.
Go to the DD-WRT Setup page, Basic Setup tab, under "Optional Settings", enable "Shortcut Forwarding Engine". You might have to test some of the options (CTF or SFE) to see what's best with your setup. I haven't tried the "Flow Acceleration" options on my R7000, but that might help too.
Good luck!
Thanks very much for this. SFE was actually already enabled, however, I tried changing that to CTF and saw my speeds increase from around 500 MBPS to 750 MBPS. Then I changed Flow Acceleration from DISABLE to CTF & FA. This got me 900 MBPS up and down, which I'm happy with so I guess I'll leave it there.
The only thing I'm wondering is I hardly have a clue what these settings do. FA sounds to be just like Hardware Acceleration, which isn't a big deal whether I enable it or not, but CTF seems to be something that could add some vulnerability to my data or at least that is what I read online. Is enabling CTF really provide much vulnerability?
You're still going to be limited by hardware with only an 800MHz dual-core cpu and 256MB of ram. I would say R7800 or R9000 or x86_64 mini PC.
I might frame your post. I feel like I'm a n00b at pretty much everything, but this was the one time I actually knew to go to the betas and install the latest firmware. I now have documentation I might not be a n00b at something. All I need now is a Certificate that says I'm sane and I should be good.
Posted: Sat May 15, 2021 22:02 Post subject: Re: Just got fiber! But Asus RT-AC68U & DD-WRT running
ishtarbgl wrote:
I've used an Asus RT-AC68U router with DD-WRT for years now and love it. I just upgraded to symmetrical fiber (1 Gig up/down) and I can get those speeds directly connected to the Modem. However, once I introduce the router, those speeds are cut in half.
I upgraded to the latest beta firmware and this didn't offer any change. I've done a little research and found others who have run into this issue with other routers and seems to typically be an issue with DD-WRT not being able to take advantage of hardware acceleration, however, going back to the manufacturer's firmware (not DD-WRT) will provide hardware acceleration. I would rather not do that and stay with DD-WRT. Is there anything I should be doing? Should I just upgrade the router? If so, any recommendation on which on can take full advantage of Gigabit Fiber coupled with DD-WRT? Thanks in advance for any help.
I would just setup the Asus as an AP and let the modem take care of the routing / NAT
I have R7000P and R7000 in different locations setup as APs and i use WireGuard, usb, privoxy, ddns ftp, samba. You might want to try that unless you really need ddwrt to do NAT
Posted: Sun May 16, 2021 14:34 Post subject: Re: Just got fiber! But Asus RT-AC68U & DD-WRT running
nolimitz wrote:
ishtarbgl wrote:
I've used an Asus RT-AC68U router with DD-WRT for years now and love it. I just upgraded to symmetrical fiber (1 Gig up/down) and I can get those speeds directly connected to the Modem. However, once I introduce the router, those speeds are cut in half.
I upgraded to the latest beta firmware and this didn't offer any change. I've done a little research and found others who have run into this issue with other routers and seems to typically be an issue with DD-WRT not being able to take advantage of hardware acceleration, however, going back to the manufacturer's firmware (not DD-WRT) will provide hardware acceleration. I would rather not do that and stay with DD-WRT. Is there anything I should be doing? Should I just upgrade the router? If so, any recommendation on which on can take full advantage of Gigabit Fiber coupled with DD-WRT? Thanks in advance for any help.
I would just setup the Asus as an AP and let the modem take care of the routing / NAT
I have R7000P and R7000 in different locations setup as APs and i use WireGuard, usb, privoxy, ddns ftp, samba. You might want to try that unless you really need ddwrt to do NAT
Sorry, access points are a little new to me. I have a media server and a switch too. Right now my setup sort of makes simple sense to me. Wired traffic goes through the switch, to the router, and then to the modem. The router hands out IP addresses and I can keep all the network internal to the LAN this way. Only the traffic that needs to go out to the WAN leaves the LAN.
I think what you are suggesting is to allow the router to only focus on wireless traffic. Wouldn't I have to take the modem out of bridged mode to accomplish this? Then the modem hands out IP addresses and no longer the router. Then I guess the switch is connected directly to the modem and the access point could be plugged into the switch or the modem.
The reason I think you are suggesting this is that the overall processing load is then spread between the router and the access point whereas now the router is taking on the bulk of the work.
Usually an access point is meant to be a device that transmits wifi, but when you set your router to access point mode, you can still use its ethernet ports / switch and connect your other switch to it, and in dd wrt many of the features will work just fine as well.
You will need your modem to get the WAN IP so you will have to take it out of bridged mode and its easier if your modem have dhcp on as well.
You may follow the wiki article to run your router as AP:
Usually an access point is meant to be a device that transmits wifi, but when you set your router to access point mode, you can still use its ethernet ports / switch and connect your other switch to it, and in dd wrt many of the features will work just fine as well.
You will need your modem to get the WAN IP so you will have to take it out of bridged mode and its easier if your modem have dhcp on as well.
You may follow the wiki article to run your router as AP:
Hmmm...I'm still missing something though. I thought the whole reason I might want to do this is to dedicate the router to only WIFI traffic. If I bring my LAN traffic through the router as I do today, I won't really see any benefit...right? I would think I would be getting the same LAN speeds I'm getting today.
The only thing I'm wondering is I hardly have a clue what these settings do. FA sounds to be just like Hardware Acceleration, which isn't a big deal whether I enable it or not, but CTF seems to be something that could add some vulnerability to my data or at least that is what I read online. Is enabling CTF really provide much vulnerability?
Thanks again.
CTF is short for Cut Through Forwarding, it bypasses the firewall for "certain traffic" Most likely it bypasses it for TCP traffic that is "Established". This is an old trick of Cisco's from 20-odd years ago.
FA is short for Flow Acceleration and while it sounds like a pill that guys with enlarged prostates take, what it does is essentially permit a packet showing up at 1 interface to be copied to another interface using a mask that modifies the packet header per the existing NAT table and established connection table. It is also an old Cisco trick that Cisco calls "Fast Forwarding" or sometimes "Fast Switching" vs "Process switching" Essentially with a Fast Switched AKA Flow Accelerated packet, the main router CPU and main Linux kernel code is not involved with the packet copy. Instead the ethernet controller chips themselves copy the packets between each other. Only new connection packets that have not been routed through the router will be processed by the Linux kernel.
My understanding is that CTF+FA for the small routers comes in a binary module from Broadcom for certain kernel versions and certain CPUs. None of this stuff is open sourced stuff as it's all manipulating proprietary hardware interfaces and digging around in the Linux kernel for things.
The main Internet core routers today from the Big Four (Juniper, Cisco, Huawei and Alcatel-Lucent) all use hardware-based switching of packets, so this is really nothing new.