Back to the home page
Note: for advanced users only!
Acting wrongly may render your router completely useless ("brick it"). Furthermore, the installation of (Fresh)Tomato on your router, may void the manufacturer's warranty.
Many routers are suitable for alternative firmware. The best choice is Tomato, or rather its offspring FreshTomato (in my experience, better than DD-WRT).
With FreshTomato you have a tremendous lot of tweaking possibilities, much more so than with the standard firmware of your router. Plus FreshTomato is entirely free, so no costs involved!
Contents of this page:
- 1. Original Tomato: insecure but still functional
- 2. The best Tomato fork: FreshTomato
- 3. Instructions for installing (flashing)
- 4. Some configuration tips
- 5. QoS: applying bandwidth limits
- 6. The routers on which I've successfully installed FreshTomato
- 7. Want more tips for wireless internet?
Original Tomato: insecure but still functional
1. The original Tomato is only fit for a few routers, and active development has stopped in 2010. Luckily there are several forks of Tomato, some of which are being developed actively. Those forks support a lot more routers, including many modern ones; more about that later.For those routers that it does support, the original Tomato is still an option. Though no longer the best choice, because of course it hasn't had any security updates for years...
If you want it anyway, you can get it here.
Note: select Tomato_1_28 and not Tomato_1_28_ND. The New Driver wasn't very stable, at least not back in 2010, when the development of the original Tomato halted.
Note: make sure to check on the Tomato website, whether your router is supported. If not, read on: its fork FreshTomato might support your router.
The best Tomato fork: FreshTomato
2. As said, the original Tomato has a number of forks, although not all of them are under active development. Those forks support a lot more routers, contain the latest security updates (at least when they're under active development) and have more features. There are several of them.Probably the best actively developed fork at the moment, is FreshTomato. It performs very well on my routers.
Not only does FreshTomato support more routers than the original Tomato, but the makers have added some extra features as well. More about that later.
Finding the right FreshTomato build for your router
2.1. Unfortunately it's rather an effort to find the right FreshTomato build for your router, because its developers haven't put much effort in guiding you to that. So I'll try to help you a bit with that, because putting the wrong build on your router might render it useless ("brick it").First you go to the main folder that contains the latest stable version of FreshTomato. At the time of writing this, that's 2022.2 (*click*). Avoid versions in the tests folder or in the beta folders; they're unreliable and only meant for helping the developers with testing and bug reporting.
The subfolder of 2022.2 named K26 (*click*), which is named after Linux kernel 2.6, contains the generic builds for MIPSR1 and MIPSR2 routers.
MIPSR1 routers are very old; think of ancient ones like the Linksys WRT54GL. More modern routers are all MIPSR2.
The other folders of 2022.2 named K26RT-AC (*click*) and K26RT-N (*click*) contain dedicated builds, meant for just one router model.
You should start your search by trying to find a dedicated build for your router model. If you can't find one, select a generic build in the K26 folder, doing an informed guess as to whether it should be MIPSR1 or MIPSR2.
By an informed guess I mean that you should try to establish the original launch date of your router model. Was it launched before (approximately) 2010 or so? Then it might be MIPSR1. After (approximately) 2010? Then it's probably MIPSR2.
Because some routers have very little NVRAM storage, the safest choice are the Mini builds (with the word Mini in their name). They should require the least amount of NVRAM space. This is only applicable for the generic builds in the subfolder K26; the dedicated builds usually have just one flavour which should fit in the NVRAM in all cases.
Note: FreshTomato is only meant for routers containing a WiFi chipset from Broadcom! If you can't find a dedicated build for your router: check what WiFi chipset is in it. No Broadcom, no dice: try DD-WRT instead.
Below you'll find the how-to for installing the FreshTomato build that you've downloaded:
Instructions for installing (flashing)
3. Please do NOT skip any of these steps: they are very important and will prevent a lot of headaches afterwards!a. Turn on the router with the old firmware still in place. Use an ethernet cable to connect the computer that you wish to use for this operation, to the router. Wireless connections aren't suitable for this!
Also make sure that your wireless connection with the router is disabled. It's very important that you perform the operation by means of a wired connection, and also that there is no simultaneous wireless connection between your computer and the router.
b. Before flashing: reset your router to the factory defaults, by pressing the semi-hidden reset button for 10 seconds. The reset button is usually within a small hole in the router casing, and can only be pressed with a pen or with a match stick.
Can't find it? The manual of your router will tell you how to find that button (no manual around? Check the support section of the website of the manufacturer).
Check whether the operating system on your computer still has connection with the router. If not, re-establish the connection (Linux: click the icon of Network Manager in the system tray).
c. Especially important for FreshTomato on older routers with a small amount of NVRAM: use a mini-firmware as step in between, because otherwise there might be too little storage space in the router to perform the upgrade successfully. With a dead router as a consequence....
For this mini-firmware you can use a special edition of DD-WRT. Although I don't think that DD-WRT is as good as Tomato and its forks, this special mini edition is very handy.
You can find and download the specific mini version that's fit for your router, by means of the router database of DD-WRT. Select the "Webflash image for first installation".
d. Now flash the router with the specific DD-WRT Webflash firmware for your router. That can be done from the configuration panel of your router; usually in the section Administration or Advanced, where it's normally called something like "Firmware Upgrade".
e. Reset your router to the DD-WRT defaults, by pressing the semi-hidden reset button for 10 seconds. That's necessary for completely cleaning out the remains of the former firmware in the NVRAM of the router.
Reboot your computer, in order to make your system recognize the new situation correctly.
f. Open the configuration window of DD-WRT. By default, it's at "web address" 192.168.1.1 in your browser. The username is root and the password is admin (both by default).
Establish connection by means of the terminal
3.1. Sometimes Network Manager can't connect normally to the router anymore, after replacing the firmware. In that case you can try the following:a. Ignore Network Manager (if it's still trying to connect, click on Disable connection)
Use the terminal command ifconfig in order to find out how Linux calls your ethernet device (for example: enp4s0);
For an ethernet card called enp4s0, you type in the terminal (use copy/paste in order to avoid typo's):
sudo ifconfig enp4s0 192.168.1.104/24
Press Enter. Type your password when prompted; in Ubuntu this'll remain entirely invisible, not even dots will show when you type it. That's normal.
Now you should be able to access the configuration window of the router in your web browser, on 192.168.1.1
g. Go to Administration - Firmware Upgrade and flash your router with the appropriate version of Tomato or FreshTomato. Note: do not enable the option to erase all current settings upon reboot ("Reset to Default settings")! It's better to do that cleaning from within Tomato itself (more about that later).
h. Reset your router to the Tomato defaults, by pressing the semi-hidden reset button for 10 seconds. That's necessary for completely cleaning the NVRAM of the router from remains of the former firmware.
Reboot your computer, in order to make your system recognize the new situation correctly.
i. After flashing, perform another thorough erase. See the screenshot below (click on it to enlarge it):
j. Pull the power plug from your router, wait 30 seconds, and plug it back in. You're done! But read on for some configuration tips.
Note: when upgrading an existing Tomato: always check the box for erasing all data in the NVRAM. See the screenshot below (click on it to enlarge it):
Some configuration tips
4. Below, you'll find some tips for configuring your Tomato.a. Make sure that your wireless security is OK.
b. When applying changes in the Advanced - Wireless section of the settings, you'll need to enter a Country Rev (revision) number. See this page in the FreshTomato documentation. For most EU countries that's 13 (which should give you the option to set your channel to 13), and for the USA it's 0.
c. Don't overdo it: the optimal Transmit Power (Tx Power) is not that high. In fact, the ideal Tx Power is the lowest value that still provides an adequate signal for you. Both because of security and of your health. For example: in my case a value as low as 10, proved to be quite adequate.
d. Keep your router lively and fast: schedule an automatic reboot. As follows:
Administration - Scheduler - section Reboot.
Weekly is generally sufficient; I myself have scheduled my routers to reboot every wednesday at 03:00 AM.
e. Connecting with a VPN
You might need to connect to a VPN (for example, from your home to your office). In that case, you may have to enable the horribly insecure feature Universal Plug and Play (UPnP) in your router. Don't do it unless absolutely necessary, because UPnP is highly insecure:
Port Forwarding - UPnP/NAT-PMP
Check: Enable UPnP
Click Save and reboot your router.
Note: Thank heaven this isn't always necessary for VPN. Definitely try it without UPnP first.
f. Bandwidth limiting per user, can be done by means of QoS. This is rather complicated, although Tomato has done its best to make it as easy as possible for you. That's why I've dedicated the rest of this page (item 5) to the simple yet brilliant solution that Tomato has for QoS.
QoS: applying bandwidth limits
5. Sharing bandwidth with other people can be unpleasant, when one of them uses up all of your bandwidth and thus renders your internet horribly slow. That's where QoS can come to the rescue.Tomato and its forks are especially good at bandwidth limiting, by means of QoS. Much better than the QoS of DD-WRT, even better than the QoS of the commercial version of DD-WRT.
In fact Tomato's QoS is not only technically better than DD-WRT's, but much easier to set up as well. Tomato is therefore an ideal solution in situations where you share your internet bandwidth with other people.
The main bandwidth throttling approach in Tomato and its forks, is applying smart dynamic limits and priorities on types of bandwidth use. This differs from the more blunt approach of a "hard cap", a fixed bandwidth limit per user. Most probably, you won't need a fixed bandwidth limit at all, because the smart system works so well.
See the screenshots below (click on them to enlarge them):
Improved Basic settings, slightly different from the defaults:
Improved limits, somewhat different from the defaults:
However, should you wish to have a fixed bandwidth per user after all, this is easy to set up in the newer versions of Tomato RAF. Not in the original Tomato; if your router runs on that, you'll have to switch to Tomato RAF for that feature.
The maximum is 80 %
5.1. Set the amount of bandwidth to be divided by QoS, at 80 % maximum. Definitely not higher, because QoS will become hopelessly stuck when your bandwidth drops occasionally below the set value.This is usually hard to accept for most people: of course it's no fun to structurally leave 20 % of your bandwidth unused.... Yet it's absolutely necessary for QoS. You might see it as the price you have to pay for the use of QoS.
You have to apply this 80 % both to Outbound and to Inbound (Max Bandwidth).
Note: measure your actual amount of bandwidth yourself, and don't rely on the overly optimistic information from your internet provider. Use for example this website for your measurements.
Tip: in order to calculate correctly, you'll probably need to convert some units. For that, you can utilize this website.
Decrease the Lease Time
5.2. When there's a rather large number of people who use your bandwidth: decrease the Lease Time for the IP address, for example to 10 minutes. That way, an unused IP address becomes available for recycling much more quickly.This does not affect computers that are turned on, even when those computers are not in use: a computer that's turned on, will always automatically renew its IP lease when 50 % of the lease time has been used. In this example, every 5 minutes.
See the attached screenshot (click on it to enlarge it):
Different settings for different situations
5.3. Situations vary. So should your QoS settings.Situation 1: family, hotel or camping
5.3.1. The default settings of the "original" Tomato are probably best suited to the needs of a family, whose father wants to restrict the excessive internet use of his children. Or the needs of a hotel owner, who wants to divide the available bandwidth evenly over his guests.I've mentioned the limit settings above; now the classification. See the screenshot below (click on it to enlarge):
Classification original Tomato (default, unchanged):
Situation 2: fraternity house on college campus
5.3.2. Students do a lot of online gaming, and make use of Skype and other specialized applications. That calls for a different classification, because otherwise a lot of games will be lost....FreshTomato has paid a lot of attention to this. See the screenshots below (click on them to enlarge them):
Limits FreshTomato (nearly unchanged defaults, only QoS has been enabled):
Classification FreshTomato (unchanged defaults):
In situation 2, choosing the latest version of FreshTomato instead of the original Tomato, is probably the easiest thing to do.
The routers on which I've successfully installed FreshTomato
6. I've successfully installed FreshTomato on the following four routers:Linksys E900 (dedicated build)
Linksys E3200 (dedicated build)
Linksys WRT54GL (generic K26 MIPSR1 build)
Linksys WRT160N v3 (generic K26 MIPSR2 build)
Want more tips for wireless internet?
7. Do you want more tips and tweaks for your wireless internet? You might find these useful:a. Amplify the wireless signal of your router
b. Apply a second router in your home
c. Reduce electromagnetic radiation of computing devices
d. Replace Windows 7 by an easy free Linux
Still want more?
Do you want even more tips and tweaks? There's a lot more of them on this website!
For example:
Speed up your Linux Mint!
Clean your Linux Mint safely
Avoid 10 fatal mistakes
To the content of this website applies a Creative Commons license.
Back to the home page
Disclaimer
