Home Router For High-Speed Connection?

soulprivate writes "My cable company has recently begun to offer Internet access plans with speeds over 30 Mbps (60, 80 and 100 Mbps). However my D-link router is unable to go beyond 30 Mbps if I use NAT; it reaches 60-70 Mbps only if NAT is disabled. Is there any recommendation for a brand/model of residential router that is able to get more than 70 Mbps with NAT enabled? I have been looking for benchmarks or comparisons, to no avail. Does anyone know one? What are your experiences at home?"

The best

[mattventura]

Just get a cheap router like a WRT54GL and run OpenWRT on it. I have a couple of them in a WDS network. They're very manageable, and you can set up DMZs and such, and you can do basically anything you would do on a normal Linux system.

Chart

[ximenes]

My ISP links to http://www.smallnetbuilder.com/component/option,com_chart/Itemid,189/ [smallnetbuilder.com] which has throughput numbers for common home routers.

The long and short of it is that a lot of these devices have pretty poor performance, and can get away with it because they're used on 1.5mbps lines. However, there are some out there that are decent.

Of course, there's the build-it-yourself approach with m0n0wall or pfSense or something else. With a spare PC laying around you'll likely get reasonable performance, although electricity usage is quite a bit higher than an appliance.

WRT-160NL

[extintor]

I have a 100/10 mbit (fiber, no modems etc) line at home and use a Linksys WRT-160NL. When I do heavy file transfer (downloading, mainly from big FTPs like universities and such) the speed is around 90 mbits (~9.5 Mb/sec).
I highly recommend it. And if you're extra geeky, I know that there's a OpenWRT port being worked on, but it's not finished yet.

Linux PC

[seanadams.com]

The replies you've got so far seem to think that just because a router has gigabit ports that it can do NAT at gigabit speeds, which of course you've already figured out is nonsense.

For a standalone firewall box you might need to look at something like a Cisco ASA. Not cheap but they will at least specify the actual NAT throughput for whatever model you pick.

The other way to go is to roll your own on a decent PC with Linux which will get you a few hundred Mbps easily. For example a Mac Mini or FitPC will be fast enough.

I agree with TheRealMindChild

[majortom1981]

Like another user stated use pfsense. We had this problem at work. We are a library and just got 100/100 fiber service. Couldnt afford to buy some $10,000 router and our $1000 router couldnt handle the speeds. Downloaded pfsense and put it on an old server and get full 100/100 speed. Its open source , has snort and everything. ITs free to use and they have a pay for support option as well.

Re:The best

[rwa2]

Hmm, I have one of those, running HyperWRT... I can't manage to go over 2MB/s between the internal LAN and the WAN, though. On the same LAN, my hosts usually push 6-10MB/s between each other.

My ISP gives me a couple of static IPs, though... so I put my main box (and any other hosts I want good performance on) on a GigE switch connected directly to the 15Mbps uplink... the NAT router is just for all of the rest of the lazy wifi laptops and older wired boxes who just deal with the slower performance.

Pick anything

[Zedrick]

Anything should do. I guess your d-link is a few years years old? I worked for D-link support (yes, yuck) around 5 years ago when people started getting 100/100 at home, and we got plenty of complaints about specifications vs reality. But that wasn't a problem with the "new" models back then, and I can't imagine any home router for sale now that can't handle 100Mb with NATing and Firewalling etc.

Don't worry about speed, look at the price, support (do you have to a broken unit to china or can you get it replaced in the store?) and features instead.

Or even better: bring up an old computer with two NICs from the basement, install Linux or FreeBSD and add a cheap switch. That beats any home router in price and features!

Chart comparing throughput of various home routers

[Anonymous Coward]

http://www.smallnetbuilder.com/component/option,com_chart/Itemid,189/
I found this a few months ago... seems what you are asking for.

Mikrotik

[Obliterous]

Mikrotik Routers, despite some bad press, are good. They are inexpensive, can be build with commodity hardware, and easily handle that level of traffic.

hardware specs on mine: 2.4Ghz P-IV, 512MB Rambus RAM, 1 * T100 Ethernet port (motherboard)connected to modem, 5 * 10/100/1000 ports (NICs) connected to home network and one 802.11g wifi NIC (operating as a hotspot), 1 256MB flash card in IDE adapter.

FIOS connection gives me 60*5 with one IP, and regularly sustains that with as many as four separate machines running BT at any given time, 2 public game servers, as well as various other uses. 60+ firewall rules, full NAT with 20+ port forwarding rules, it runs like a champ.

http://www.mikrotik.com/ [mikrotik.com]

If you already have the hardware laying around doing nothing, go ahead and give them a look.

WRAPs or similar are nice.

[fuzzyfuzzyfungus]

Pretty much any home router in a box that you can buy is going to be rubbish. To be fair, it is pretty impressive what you can get for $30-$50; but intense price sensitivity and competition have pretty much leveled the home router field. You can either get the (impressive for the money; but not good enough) basic model, or you can go cry.

The Ciscos and Junipers of the world will probably cut it(with the distinctly possible exception of older used ones. If you get something from the era where routing a 10Mb lan into a T1 line was Real Serious Stuff, bittorrent over a 30Mb line is going to make it cry expensive enterprise tears); but they are expensive, even used, and many of their features are probably overkill for home applications.

Your best bet might be to run m0n0wall [m0n0.ch] or pfsense [pfsense.com]. Depending on your tolerance for fan noise, you can either get a basic intel atom board for ~$80 or an embedded x86 board from soekris [soekris.com] or pcengines [pcengines.ch] or similar.

That combination will be pretty featureful, quite a bit more powerful than your basic home box, and cheaper than any business box that isn't seriously antiquated.

I Beg To Differ

[didde]

I'm on an unmetered 100 Mbps line, bursting up to 300 Mbps from time to time. Just like you, I had a tough time finding consumer-grade hardware able to keep up with speeds > 30-50 Mbps. After going through most of what's on offer here in the EU, short of DIY routers, I ended up with D-Link's "Wireless N Gigabit router DIR-655". Believe it or not, but I have actually seen throughput close to 150 Mbps (using NAT) on the WAN while on this network.

Of course, YMMW, but my search ended with this piece of hardware.Of course, it's priced slightly higher than the average router, but IMHO it's worth it.

On a side note: I personally, had no luck what so ever using Linksys offerings, including the WRT54*. Most "premium" hardware platforms in the consumer sphere only offer throughput close to 30-40 or even 50 Mbps while on NAT.

Good luck. And enjoy the speeds you have been blessed with, son.

Re:Linux PC

[JWSmythe]

    I second your opinion on using a PC. He may still run into a PPS rate limitation with the router though. It depends on how they bring the connection in. A friend of mine has a business FIOS line (20Mb/20Mb) and a /25 of static IP's, and I specified at install time that they had to bring it in by CAT5. They'll either install CAT5 or coax. I yanked their router off as soon as they finished the install, and put a Catalyst 2924 on. The speed was ok (but not great) with their router. It was exactly as advertised through the 2924.

    For a NAT environment, a decent PC with Linux and iptables would be fine. It would obviously need decent interfaces (nope, that old 10baseT card won't do it), but it doesn't need lots of memory or even CPU power. A handy spare 1Ghz machine with 256Mb RAM is overkill, but easily available in most of our homes. :) The best part is, it's free. No need to waste money on new equipment, if you already have it sitting in your garage gathering dust.

    I don't recommend exceeding 80% capacity on the interfaces. If they do offer 100Mb/s, it's time to upgrade to GigE interfaces. Again, that's pretty easy to do these days. You'll start running into problems at the PCI bus after a while, but that's over 100Mb/s.

    Even in testing the 20Mb/s connection a couple years ago, I just started downloading ISO's. From any one source, I ran into their limitations, so I pulled one copy from a bunch of mirrors, and was able to saturate the connection to flatline at 28Mb/s (wheee). Their advertising was wrong, but I won't complain when they're wrong in my favor.

6-year-old SMC2804

[AliasMarlowe]

We have a SMC2804WBRP-G router for our home net, with a 100/10 WAN connection through a fiber switch. It handles our traffic smoothly using NAT and firewall with both wired and 11g wireless LAN connections. We've had it for almost 6 years now, and upgraded our WAN connection during that time. The SMC2804 was not particularly expensive, but cost about 50% more than the Netgear and Buffalo trash of the time. Typically, there are 3-4 PCs, a multifunction printer, and a headless server on our wired LAN, and there may be another PC or two on wireless from time to time. The firewall rules prevent the headless server and printer from calling home, among other things.

SmallNetBuilder has a good comparison chart

[gygy]

look here: http://www.smallnetbuilder.com/component/option,com_wireless/Itemid,200 [smallnetbuilder.com]

Re:The best

[Danborg]

I can't believe that no one has yet mentioned Untangle - www.untangle.com [untangle.com] or Endian www.endian.com [endian.com]

Re:Why do you need it?

[inKubus]

Actually considering there are content distribution networks like Akamai and of course Google that have servers within one hop of most metropolitan ISP's edge routers, it's pretty likely you'll be able to achieve those speeds for a lot of your content.

I recommend they take a look at some of the small business products from Cisco and Sonicwall. They are a step above the home stuff in features and price. Most of them will list their firewall throughput, how much they can NAT is a function of the processor and more importantly the software.. Beware that there is some Cisco branded stuff that is actually Linksys in disguise (with minor software changes), however Cisco won't put it's name on total crap (yet) so they are pretty good.

Re:Cisco

[BulletMagnet]

a Cisco ASA 5505 would certainly do the job. I upgraded to a 5505 / 10 user unit at home after having a PIX 501 for years and it rocks. You're looking at just under 400.00 new for a 10 user unit and used is all over the place. Throw on 100.00 for SmartNet if you've never used Cisco's IOS before....

Re:Mikrotik

[zn0k]

Or buy one of the lower end RouterBoards. A 450G would be a fairly good fit for this situation and comes in at under $150 with a case and a power supply.

Re:Why do you need it?

[inKubus]

Also, as far as low end professional stuff, the ASA 5505 is pretty good (overkill for home use probably). It'll do 150Mbps NAT and it does that with hardware VPN also. The lowest version (10 user license) is around $350. It has a built in layer 3 switch also.

Re:Find a cheap machine...

[legoburner]

Agreed, mini itx is one of the best ways to do this. Fanless has a long, stable lifespan and using a portable hard drive will keep operating power usage down close to a dedicated router so it does not work out that much more expensive. You can run a transparent proxy, secure remote access, transparent tunneling/VPNs, gather statistics, etc.

Re:The best

[paul248]

This is bad advice. The WRT54GL is *not* capable of routing at much faster than 30Mbps, because the LAN and WAN ports are on the same switch, connected to one physical Ethernet interface.

You at least need a device with 2 physical Ethernet interfaces, like the ar71xx [openwrt.org] platform.

Re:The best

[joaommp]

I use a dedicated PC for my 100Mbps connection. An old PIII 800 computer with Gentoo. Works like a charm.

Re:The best

[mattventura]

Except the WRT54GL can't handle torrents

Mine handles a HTTP/IRC/SMTP/IMAP/DNS server with medium use AND heavy torrenting. I have gotten over 30mbps with it, bottlenecked only by 802.11g and by my cable line. If you are getting bad torrenting throughput, dropped connections, reduce the connection limit in your torrent client so it will use less connections to transfer the same amount of data. Your router is likely trying to manage a huge NAT table for no good reason.

Buffalo WHR-HP-G54 or OpenBSD or...

[Merc248]

In my experience, I've had great success with the Buffalo WHR-HP-G54 with Tomato in my house, and I've personally setup an OpenBSD box with pf for a coffee shop. I don't have the connection at home to really saturate much of anything at the moment (I have a Comcast 22 Mbps connection myself), so I can't really comment on how well the router would scale up with a faster connection + NAT. But OpenBSD + pf works extremely well with 20-30+ users all hitting up YouTube; before that, the coffee shop had a D-Link router which faltered within two hours of it being reset (by this time, it has to be power cycled again, ad nauseum.)

As other posters have said, be sure to get at least one 1 Gbps NIC card from Intel or 3Com. I'd personally get two of them and leave the motherboard NIC untouched; I've found that a lot of the lower cost motherboards with low power CPU's usually only have a 10/100 Mbps port, which should be more than enough for most internet connections, but could possibly peter out in real world scenarios.

Re:The best

[Wdomburg]

These little WRT's and such have the equivalent of 8-bit 200 Mhz CPU's.

They have what is a 32-bit 200 MHz processor. Specifically this one [broadcom.com] in the referenced Linksys model.

Lots of consumer routers can handle this today

[matbe]

In some countries, like here in Sweden, this was a problem 8-9 years or so ago (when we started getting 100/100mbit at home) and was under much discussion then, but I fail to see how it is a problem now. There are plenty of consumer home routers now that can handle this. I can highly recommend the more expensive DLINK routers, yes I know, the cheaper ones are ... not very good. Have a look at the DIR-655 or all of the DIR8xx series, excellent in my and many others experience. Stable, fast, never needed a reboot and has no performance problems for high-speed downloads, be it direct downloads from a single source or hundreds/thousands of connections in torrents. Have no problems maxing out my 100/100 connection. Even has traffic shaping so your downloads or uploads don't interfere (noticeably) with your gaming or browsing etc.

Pfsenese or m0n0wall might be more fun though, but if you don't run it on some small embedded device (but still have to find one powerful enough) it will draw more power than a small modern above average home router.

See this chart of actual WAN-LAN throughput for home routers: http://www.smallnetbuilder.com/component/option,com_chart/Itemid,189/ [smallnetbuilder.com]

Mind you you will have to use wired not wifi for those speeds.