WNR3500L WAN to LAN throughput using different firmwares

61 posts / 0 new
Last post
Sawyer
Sawyer's picture
cool, but will it have this

cool, but will it have this nat fast driver?

Kong
Kong's picture
No the fast nat driver is

No the fast nat driver is missing functionality, I have extracted some info about fast nat:

Fast-NAT is generally called by this name since it is much faster than the netfilter NAT code. It doesn't keep track of connections, and this is both its main pro and con. Connection tracking takes a lot of processor power, and hence it is slower, which is one of the main reasons that the Fast-NAT is faster than Netfilter-NAT. As we also said, the bad thing about Fast-NAT doesn't track connections, which means it will not be able to do SNAT very well for whole networks, neither will it be able to NAT complex protocols such as FTP, IRC and other protocols that Netfilter-NAT is able to handle very well.

This means that a couple of features dd-wrt offers would be unavailable. The original netgear firmware does not have these features and therefore does not suffer from this. Tomato had to disable the fast-nat module again since they found out that it will break some Tomato features as well.

 

bosa
bosa's picture
 

 

Kong said: ... As we also said, the bad thing about Fast-NAT doesn't track connections, which means it will not be able to do SNAT very well for whole networks, neither will it be able to NAT complex protocols such as FTP, IRC and other protocols that Netfilter-NAT is able to handle very well. This means that a couple of features dd-wrt offers would be unavailable. The original netgear firmware does not have these features and therefore does not suffer from this. ...

 

Well I know for sure that the Netgear firmware (using Fast-NAT) is much faster even for complex protocols such as FTP since this was what I tried first. I suppose FTP is implemented as a separate proxy if the NAT module can't hadle it.

SNAT is a vendor specific abbreviation (S might stand for Source, Secure, Stateful or Softwires) so it's a bit difficult to know what the problem is, but since we are talking open source here I assume you are refering to the IETF definition (Softwires) and in that case it should only be a problem to a very limited group of people.

Kong
Kong's picture
The fast-nat will definitely

The fast-nat will definitely break L7 filters, since they need connection tracking. Qos and VPN daemon has problems according to Tomato sources. These are all features the Netgear Firmware does not have

 

Sawyer
Sawyer's picture
Well. This are all the

Well. This are all the feature I dont seem to need either. However Since I only got a 20/20Mbit line It wont matter that much. But I critically need DynDNS, updxy supported installation for IPTV and a Media Server or whatever its called when you connect your external HD to your router to stream .AVI to another location without the need to run your own apache server or Orb 2.x on a physical computer that is always on. I believe all this is supported by you right?

bosa
bosa's picture
I just tried your latest

I just tried your latest build Kong.
http://www.desipro.de/ddwrt/dd-wrt-usb-ftp-samba3-dlna-O2-v24-K26-broadc...

And it's even faster!! Great work!
Did you tune it for mips32r2?

dd-wrt-usb-ftp-samba3-dlna-O2-v24-K26-broadcom.bin (SPI Enabled)

TCP Speed test, host=192.168.0.30, transfer size=50000000 bytes

Half Duplex
Receive = Throughput: 135413143 bps (135.41 Mbit/s)
Send    = Throughput: 144743276 bps (144.74 Mbit/s)

Full Duplex
Receive = Throughput: 86529292 bps (86.53 Mbit/s)
Send    = Throughput: 65431643 bps (65.43 Mbit/s)

I also tired to disable everything under VPN passthrough which made it possible to squeeze even more throughput out of it :)

Same build with all VPN passthrough disabled (SPI Enabled)
TCP Speed test, host=192.168.0.30, transfer size=50000000 bytes

Half Duplex
Receive = Throughput: 139827920 bps (139.83 Mbit/s)
Send    = Throughput: 149705112 bps (149.71 Mbit/s)

Full Duplex
Receive = Throughput: 92770940 bps (92.77 Mbit/s)
Send    = Throughput: 71233939 bps (71.23 Mbit/s)
Kong
Kong's picture
Hi bosa,

Hi bosa,

nope I didn't try mips32r2 yet. But to compile minidlna I had to move from dd-wrt's toolchain to my own toolchain with a new uclibc:-)

 

bosa
bosa's picture
Kong said: Hi bosa, nope I

Kong said: Hi bosa, nope I didn't try mips32r2 yet. But to compile minidlna I had to move from dd-wrt's toolchain to my own toolchain with a new uclibc:-)

Ok! So there may even be some more speed to gain there then Smile

I noticed that the latest tomato firmware I tried (Tomato v1.28 without fast-nat) had MIPSR2 in the filename and since it's faster than the regular DD-WRT builds (although not as fast as your optiomized build) the R2 optimization may be part of the explanation.

Sawyer
Sawyer's picture
Bosa: since you are testing

Bosa: since you are testing all that stuff. How do you know if netgear is set to half or full duplex? where do you set this up? As I'm seeing some wired behavior. When Im downloading my UL drops to practically zero with utorrent. I'm running bridge mode with router. Lan to Lan cable and pppoe sessions out of windows so theoretically bypasses routers NAT and everything, should be just a switch right?. So will this still effect the 100/100Mbit performance when I use it as pass through only with windows pppoe?

It never behaved that way when I only gad the modem connected so I'm assuming the router cant handle the speed. 100Mbit or it is in half bridge since either one way it goes full 10MByte/s

Still on original firmware if it matters.

Sawyer
Sawyer's picture
alright I just checked the

alright I just checked the status

WAN 100M/Full 4272768899 4252447614 0 43970 17151 15:00:49
LAN1 1000M/Full 22568243 43306969 0 34710 74620 15:33:00
LAN2 100M/Full 03:18:51

I guess this means its running in 100Mbit full duplex. Why the wired speed drop then.......????

bosa
bosa's picture
The problems with duplex

The problems with duplex settings on interfaces occurs when one end of the cable thinks it is running at half duplex while the other thinks its running at full duplex.

The best way to find a duplex conflict on a Unix/Linux system is to run "netstat -i" and check for Oerrs (Solaris) or TX-ERR (Linux), they should normally be 0 or close to 0. But unfortunately the netstat command in DD-WRT I'm running does not have the -i flag so I guess the best way to check it is to run (on DD-WRT at least):

cat /proc/net/dev

in a wide window and check for Transmit errs.

If that is the case you may get the problems you are having. One way to troubleshoot this is to try different duplex settings if that is possible in Netgear firmware.

Another way of troubleshooting could be to connect a switch (preferably with some kind of speed/duplex leds) between the WAN interface of the router and the "ISP WAN cable" to see if that helps.

Regarding my tests: All interfaces are always running at 1000Mbps full duplex. The full/half duplex results refers to if data is transfered in one direction at the time (like when you download a file using http) or both directions simultaneously (like when you use a bittorrent software) it has nothing to do with interface settings.

Sawyer
Sawyer's picture
well the above stats are from

well the above stats are from netgears firmware under status report. So it is full duplex. Maybe the router is just to weak to handlr 100/100Mb but since its all on pppoe. exactly 5 times pppoe. I dunno.

bosa
bosa's picture
 

 

Sawyer said: well the above stats are from netgears firmware under status report. So it is full duplex. Maybe the router is just to weak to handlr 100/100Mb but since its all on pppoe. exactly 5 times pppoe. I dunno.

I think you are missing my point. The problem is if you are running at full duplex and your ISP at half duplex. So the fact that your interface is showing Full duplex is no guarantee that everything is OK.

 

I guess all ISP:s have their remote interfaces set to Auto, but if the negotiation for some reason would fail and you get a duplex conflict on the WAN link you will have lots of problems.

It's however rather unlikely for this to happen so there may well be other reasons for this. I have not done any testing with PPPoE...

Sawyer
Sawyer's picture
I see and its a fiber optic

I see and its a fiber optic modem so dont think its running in half duplex. Maybe I need to try with just one pppoe session which is 20/20Mbit. With that said, if it runs at 20/20 in utorrent at the same time. The question about full or half is solved right?

Sawyer
Sawyer's picture
Please help me to understand

Please help me to understand this practically now.
One thing I still dont get about half and full duplex. I know the theory is that half transfers only in one direction at a time. But how can this work actually.

Right now I'm connected with one single PPPOE session which is exactly 20/20MBit. Now Utorrent is steady transferring at 2.3MByte/s down and 2.1MByte/s up at the same time. Testing it right now.
Can you read any data from this now? Because the way I understand it. This cant be anything else then full duplex. Right?

bosa
bosa's picture
No it can still be half

No it can still be half duplex on the 100Mbps interface as long as it's just 20/20Mbps, if you go above 50/50Mbps it has to be full duplex.

If you receive a package on an half duplex interface the computer have to wait until the data is received before it can send anything on the interface. So with 20/20 it will receive data 20% of the time and send data 20% of the time and be idle 60% of the time.

If it's full duplex the computer can send while receiving data, thats why a 100/100Mbps full duplex interface sometimes is refered to as 200Mbps.

Sawyer
Sawyer's picture
I see. So meaning I have to

I see. So meaning I have to run at last 2x PPPOE 20/20 full speed in both direction to actually find out if the 100Mbps interface is full or half duplex.
I was able to have that without the router easy.

Interface is 100MBit http://www.shrani.si/f/1r/Og/4k6vW7DC/utorrent3.jpg

This is a confirmed full duplex connection. 5x PPPOE 20/20 sessions on one 100MBit interface.

But with this router I can go 10MB/s down easy also. Up is alot harder. Dont think I hit above 7.1MB/s yet.

However I wasnt able to do 7 / 10 as on the picture yet.

Will give it a go tomorrow again with some high profile torrent hopefully. But the original firmware should be able to do this?

bosa
bosa's picture
Sawyer said: I see. So

Sawyer said: I see. So meaning I have to run at last 2x PPPOE 20/20 full speed in both direction to actually find out if the 100Mbps interface is full or half duplex.

Since the Netgear reports full duplex you may NOT be running at half duplex.

You are either running at full duplex OR you have a duplex conflict.

A duplex conflict (as described earlier) is far worse than running at half duplex and I doupt that you could even get 20/20 through a duplex conflict so my conclusion is that you are running at full duplex.

Sawyer
Sawyer's picture
I will try to set the network

I will try to set the network card to forced half duplex to see if netgear info changes at all and if speed drops or something. However I see not that it reached 9MB/s of upload. So at last in one direction it goes full speed or at last the speed it went without the router.

Sawyer
Sawyer's picture
I couldnt get it to more then

I couldnt get it to more then 12-13% on the 1Giga lan interface when ul and dl in both direction. This are signs of half duplex then.

Next test. I limited the download to 7 and ul unmanaged and got 15-16% out.

Either its hald duplex or the download speed slows down the upload.

Sawyer
Sawyer's picture
I set it now to 100MBit half

I set it now to 100MBit half duplex and it didnt go over 80%. So thats even slower then the before 15% on 1Gigabit LAN. Download didnt go over 900kB/s at all whailst upload was at about 8MBYte/s. However I did notice that the download was getting up really really slow and download dropping. This would confirm again that it actually was working on full duplex the whole time before but the limitation is elsewhere. Probably router.

Sawyer
Sawyer's picture
I tested the network card in

I tested the network card in 100 half now and noticed that it rearley goes over 80% of the interface. When I changed back to full. The network card was always at 100%. So it had to be combined more then 100MBit. So modem is actually full duplex 100MBit. 8.2/8.1MB/s in that test.

Now done a test with the router and same ammount of torrents and dont think there is any noticable difference really.

I hope DD-WRT or Tomato wont degenerate this any further.

bosa
bosa's picture
Hi,

Hi,

Yes the new Tomato is indeed faster than the previous one (although not close to the old fast_nat version).

One interesting thing with Tomato is that only the send speed drops if you send and receive at the same time, the receive speed is always about the same.

Here's a summary of all the versions I have tested:

Tomato USB v1.27 9047 (Beta 16)

TCP Speed test, host=192.168.0.30, transfer size=50000000 bytes
    
Half Duplex
Receive = Throughput: 250627822 bps (250.63 Mbit/s)
Send    = Throughput: 274621170 bps (274.62 Mbit/s)

Full Duplex
Receive = Throughput: 242672209 bps (242.67 Mbit/s)
Send    = Throughput: 130494608 bps (130.49 Mbit/s)
    

Tomato USB v1.28 9048 (Beta 18)

TCP Speed test, host=192.168.0.30, transfer size=50000000 bytes

Half Duplex
Receive = Throughput: 102954643 bps (102.95 Mbit/s)
Send    = Throughput: 123144660 bps (123.14 Mbit/s)

Full Duplex
Receive = Throughput: 102915519 bps (102.92 Mbit/s)
Send    = Throughput: 54901252 bps (54.90 Mbit/s)


Tomato USB v1.28 9050 (Beta 20)

TCP Speed test, host=192.168.0.30, transfer size=50000000 bytes

Half Duplex
Receive = Throughput: 135319782 bps (135.32 Mbit/s)
Send    = Throughput: 150838683 bps (150.84 Mbit/s)

Full Duplex
Receive = Throughput: 133922413 bps (133.92 Mbit/s)
Send    = Throughput: 73200920 bps (73.20 Mbit/s)
Jeremy
Jeremy's picture
Most interesting, it seems

Most interesting, it seems that Tomato USB v1.27 9047 (Beta 16) was around double the speed of the latest release. That's a big drop in throughput!

Mavi
Mavi's picture
hi m8

hi m8
The tomato beta16 used FastNAT (it vas fast yes), it didnt work so good whit smb and openvpn.

djmoonshine
djmoonshine's picture
Sorry.. Double post.

Sorry.. Double post.

djmoonshine
djmoonshine's picture
This is an intresting thread

This is an intresting thread but not that updated today. Is there any firmware today that is anywhere near the throughput of fast_nat enabled versions? I was planning to mabye buy a WNR3500L router but since i have a 250/250Mbit connection i would like i little bit more throughput with custom firmware than you where able to acheve with the tweaks in this thread.

Kong
Kong's picture
Hi djmoonshine,

Hi djmoonshine,

I fear you are out of luck here, even the faster wndr3700 will have trouble routing the traffic of a 250/250 line.

Even if they can handle it with the default config, as soon as you switch on some features like fw logging or other services that consume cpu time, the speed will drop.

Basically there is no consumer router right now that can handle such speeds easily, You would need professional equipment like:

http://routerboard.com/pricelist.php?showProduct=91

But thats pricy

 

Nate
Nate's picture
Great thread. Anyone have

Great thread. Anyone have any insight into who originally developed fast_nat and will fixes be implemented in it or diff firmwares to fix the above mentioned problems? The performance difference is so huge it can't be passed up. Any time frame on the fixes?

For the 250/250 line problem, you could always run a virtual appliance on a vmware whitebox server. The Vyatta gateway appliance is free with registration and it claims forwarding performance in the 10's of gb/s on the latest Intel processors. Of course this is with Fiber, Multiprocessors, etc but the possibility is there. I would guess a relatively inexpensive whitebox installation of vmware esxi & Vyatta would give more than enough performance. This would obviously be more $$ too, but maybe you have a compatible whitebox machine laying around.

bosa
bosa's picture
Well there is at least one

Well there is at least one fairly affordable router out there that probably can handle 250/250 easily but it's not Netgear WNR3500L.

When I finally got my 100/100 mbit fiber connection I tried the different firmwares that I had tested earlier in this thread only to discover that theory is one thing but real life is a different story.

Although I could push more than 100mbit through using my benchmark software, when I hook it up to the Internet and my son started som heavily fileshareing my WNR3500L went down on it's knees begging for mercy.

The first thing that happend when the router was overloaded was that it stoped responding to DNS and DHCP requests and when I finally managed to access it through the web interface I noticed that the average load was more that 6 (the past 15 minutes).

Same problems with both the latest DD-WRT (Kong) and Tomato (Toastman).

The only firmware that could handle the fileshareing load without problems was Netgear original.

So I finally gave up and bought an ASUS Black Diamond instead (RT-N56U), and this router is the fastest thing I have ever seen in the SOHO segment. It has hardware accelerated NAT and my guess is that it easily can handle 500/500 Mbps.

The WNR3500L really is a nice product which gives good value for money, but it's just not the best choise if you have a really fast Internet connection, especially if you want the advanced features that are available in the open projects.

There are some interesteing (and more relaistic I guess) benchmarks here:

http://www.smallnetbuilder.com/lanwan/router-charts/view

Notice that that above list shows Netgear original firmware, they have also done some tests with DD-WRT:

http://www.smallnetbuilder.com/wireless/wireless-reviews/31164-lots-more-features-lots-less-performance-netgear-wnr3500l-with-dd-wrt-reviewed

Pages