Back to the home page
Note: for advanced users only!
Acting wrongly may render your router completely useless ("brick it"). Furthermore, the installation of Tomato on your router, may void the manufacturer's warranty.
Many routers are suitable for alternative firmware. The best choice is Tomato or its offspring Tomato RAF and Tomato by Shibby (better than DD-WRT).
With Tomato and Tomato RAF / Shibby, you have a tremendous lot of tweaking possibilities, much more so than with the standard firmware of your router. Plus Tomato and Tomato RAF / Shibby are entirely free, so no costs involved!
original Tomato is only fit for a few routers, and active development has stopped in 2010. Luckily, there are several forks of Tomato that are being developed actively. Those forks support a lot more routers, including many modern ones; more about that later.
For those routers that it does support, the original Tomato is still a good choice. Though no longer the best choice, because of course it hasn't had any security updates for years...
You can get it here.
Note: select Tomato_1_28 and not Tomato_1_28_ND. The New Driver wasn't very stable, at least not back in 2010, when the development of the original Tomato halted.
Note: make sure to check on the Tomato website, whether your router is supported. If not, read on: one of the Tomato forks might support your router.
Probably the best fork at the moment, is Tomato RAF. It performs very well on my routers, and has done so for years. Tomato by Shibby is probably fine as well, but I have less experience with that.
Not only do these forks support more routers than the original Tomato, but the makers have added some extra features as well. More about that later.
Note: when choosing a specific build: newer is not always better! Usually, the stable version is the best choice.
a. Turn on the router with the old firmware still in place. Use an ethernet cable to connect the computer that you wish to use for this operation, to the router. Wireless connections aren't suitable for this!
Also make sure that your wireless connection with the router is disabled. It's very important that you perform the operation by means of a wired connection, and also that there is no simultaneous wireless connection between your computer and the router.
b. Before flashing: reset your router to the factory defaults, by pressing the semi-hidden reset button for 10 seconds. The reset button is usually within a small hole in the router casing, and can only be pressed with a pen or with a match stick.
Can't find it? The manual of your router will tell you how to find that button (no manual around? Check the support section of the website of the manufacturer).
Check whether the operating system on your computer still has connection with the router. If not, re-establish the connection (Linux: click the icon of Network Manager in the system tray).
c. Especially important for Tomato RAF and Tomato by Shibby: use a mini-firmware as step in between, because otherwise there might be too little storage space in the router to perform the upgrade successfully. With a dead router as a consequence....
For this mini-firmware you can use a special edition of DD-WRT. Although I don't think that DD-WRT is nearly as good as Tomato and its forks, this special mini edition is very handy.
You can find and download the specific mini version that's fit for your router, by means of the router database of DD-WRT. Select the "Webflash image for first installation".
d. Now flash the router with the specific DD-WRT Webflash firmware for your router. That can be done from the configuration panel of your router; usually in the section Administration or Advanced, where it's normally called something like "Firmware Upgrade".
e. Reset your router to the DD-WRT defaults, by pressing the semi-hidden reset button for 10 seconds. That's necessary for completely cleaning the NVRAM of the router from remains of the former firmware.
Reboot your computer, in order to make your system recognize the new situation correctly.
f. Open the configuration window of DD-WRT. By default, it's at "web address" 192.168.1.1 in your browser. The username is root and the password is admin (both by default).
g. Go to Administration - Firmware Upgrade and flash your router with the appropriate version of Tomato, Tomato RAF or Tomato by Shibby. Note: do not enable the option to erase all current settings upon reboot ("Reset to Default settings")! It's better to do that cleaning from within Tomato itself (more about that later).
h. Reset your router to the Tomato defaults, by pressing the semi-hidden reset button for 10 seconds. That's necessary for completely cleaning the NVRAM of the router from remains of the former firmware.
Reboot your computer, in order to make your system recognize the new situation correctly.
i. After flashing, perform another thorough erase. See the screenshot below (click on it to enlarge it):
j. Pull the power plug from your router, wait 30 seconds, and plug it back in. You're done! But read on for some configuration tips.
Note: when upgrading an existing Tomato: always check the box for erasing all data in the NVRAM. See the screenshot below (click on it to enlarge it):
a. Make sure that your wireless security is OK.
b. Don't overdo it: the optimal Transmit Power (Tx Power) is not that high. In fact, the ideal Tx Power is the lowest value that still provides an adequate signal for you. Both because of security and of your health. For example: in my case a value as low as 5, proved to be quite adequate.
c. Keep your router lively and fast: schedule an automatic reboot. As follows:
Administration - Scheduler - section Reboot.
Weekly is generally sufficient; I myself have scheduled my routers to reboot every wednesday at 03:00 AM.
d. Connecting with a VPN
You might need to connect to a VPN (for example, from your home to your office). In that case, you may have to enable Universal Plug and Play (UPnP) in your router:
Port Forwarding - UPnP/NAT-PMP
Check: Enable UPnP
Click Save and reboot your router.
Note: this isn't always necessary. Try it without UPnP first.
e. Bandwidth limiting per user, can be done by means of QoS. This is rather complicated, although Tomato has done its best to make it as easy as possible for you. That's why I've dedicated the entire right column of this page, to the simple yet brilliant solution that Tomato has for QoS.
(continued in the column on the right)
This website is being sponsored by Google Ads.
Are you using an ad blocker? Then you're also blocking my earnings from advertisements....
If you wish to support my website, you can configure your ad blocker to make an exception for this website.
Thanks in advance....
Tomato and its forks are especially good at bandwidth limiting, by means of QoS. Much better than the QoS of DD-WRT, even better than the QoS of the commercial version of DD-WRT.
In fact Tomato's QoS is not only technically better than DD-WRT's, but much easier to set up as well. Tomato is therefore an ideal solution in situations where you share your internet bandwidth with other people.
The main bandwidth throttling approach in Tomato and its forks, is applying smart dynamic limits and priorities on types of bandwidth use. This differs from the more blunt approach of a "hard cap", a fixed bandwidth limit per user. Most probably, you won't need a fixed bandwidth limit at all, because the smart system works so well.
See the screenshots below (click on them to enlarge):
Improved Basic settings, slightly different from the defaults:
Improved limits, somewhat different from the defaults:
However, should you wish to have a fixed bandwidth per user after all, this is easy to set up in the newer versions of Tomato RAF. Not in the original Tomato; if your router runs on that, you'll have to switch to Tomato RAF for that feature.
This is usually hard to accept for most people: of course it's no fun to structurally leave 20 % of your bandwidth unused.... Yet it's absolutely necessary for QoS. You might see it as the price you have to pay for the use of QoS.
You have to apply this 80 % both to Outbound and to Inbound (Max Bandwidth).
Note: measure your actual amount of bandwidth yourself, and don't rely on the overly optimistic information from your internet provider. Use for example this website for your measurements.
Tip: in order to calculate correctly, you'll probably need to convert some units. For that, you can utilize this website.
This does not affect computers that are turned on, even when those computers are not in use: a computer that's turned on, will always automatically renew its IP lease when 50 % of the lease time has been used. In this example, every 5 minutes.
See the attached screenshot (click on it to enlarge):
I've mentioned the limit settings above; now the classification. See the screenshot below (click on it to enlarge):
Classification original Tomato (default, unchanged):
Tomato RAF has paid a lot of attention to this. At least in its latest versions, not in its older versions. See the screenshots below (click on them to enlarge):
Limits Tomato RAF (nearly unchanged defaults):
Classification Tomato RAF (unchanged defaults):
In situation 2, choosing the latest version of Tomato RAF instead of the original Tomato, is probably the easiest thing to do.
a. Amplify the wireless signal of your router
b. Apply a second router in your home
c. Reduce electromagnetic radiation of computing devices
d. Replace Windows XP by an easy free Linux
To the content of this website applies a Creative Commons license.