Tomato and Tomato RAF / Shibby: set your router free

Back to the home page

Note: for advanced users only!
Acting wrongly may render your router completely useless ("brick it"). Furthermore, the installation of Tomato on your router, may void the manufacturer's warranty.

Many routers are suitable for alternative firmware. The best choice is Tomato or its offspring Tomato RAF and Tomato by Shibby (better than DD-WRT).

With Tomato and Tomato RAF / Shibby, you have a tremendous lot of tweaking possibilities, much more so than with the standard firmware of your router. Plus Tomato and Tomato RAF / Shibby are entirely free, so no costs involved!

Original Tomato: still a good choice

1. The original Tomato is only fit for a few routers, and active development has stopped in 2010. Luckily, there are several forks that are being developed actively. Those forks support a lot more routers; more about that later.

For those routers that it does support, the original Tomato is still a good choice. Though no longer the best choice, because of course it hasn't had any security updates for years...

You can get it here.

Note: choose Tomato_1_28 and not Tomato_1_28_ND. The New Driver wasn't very stable, at least not back in 2010, when the development of the original Tomato halted.

The routers supported by the original Tomato are:

WRT54GL v1.x
WRT54G v1-v4
WRT54GS v1-v4
WRTSL54GS (no USB support)


WL520GU (no USB support)
WL500G Premium (no USB support)




Note: the original Tomato will not work on Linksys WRT54G/GS v5 or newer WRT54G/GS routers.

The best Tomato forks: Tomato RAF and Tomato by Shibby

2. As said, the original Tomato has a number of forks, that are still under active development. Those forks support a lot more routers, contain the latest security updates and have more features. There are several of them.

Probably the best fork at the moment, is Tomato RAF. It performs very well on my routers, and has done so for years. Tomato by Shibby is probably fine as well, but I have less experience with that.

Not only do these forks support more routers than the original Tomato, but the makers have added some extra features as well. More about that later.

Note: when choosing a specific build: newer is not always better! Usually, the stable version is the best choice.

Instructions for installing (flashing)

3. Please do NOT skip any of these steps: they are very important and will prevent a lot of headaches afterwards!

a. Turn on the router with the old firmware still in place. Use an ethernet cable to connect the computer that you wish to use for this operation, to the router. Wireless connections aren't suitable for this!

Also make sure that your wireless connection with the router is disabled. It's very important that you perform the operation by means of a wired connection, and also that there is no simultaneous wireless connection between your computer and the router.

b. Before flashing: reset your router to the factory defaults, by pressing the semi-hidden reset button for 10 seconds. The reset button is usually within a small hole in the router casing, and can only be pressed with a pen or with a match stick.

Can't find it? The manual of your router will tell you how to find that button (no manual around? Check the support section of the website of the manufacturer).

Check whether the operating system on your computer still has connection with the router. If not, re-establish the connection (Linux: click the icon of Network Manager in the system tray).

c. Especially important for Tomato RAF and Tomato by Shibby: use a mini-firmware as step in between, because otherwise there might be too little storage space in the router to perform the upgrade successfully. With a dead router as a consequence....

For this mini-firmware you can use a special edition of DD-WRT. Although I don't think that DD-WRT is nearly as good as Tomato and its forks, this special mini edition is very handy.

You can find and download the specific mini version that's fit for your router, by means of the router database of DD-WRT. Select the "Webflash image for first installation".

d. Now flash the router with the specific DD-WRT Webflash firmware for your router. That can be done from the configuration panel of your router; usually in the section Administration or Advanced, where it's normally called something like "Firmware Upgrade".

e. Reset your router to the DD-WRT defaults, by pressing the semi-hidden reset button for 10 seconds. That's necessary for completely cleaning the NVRAM of the router from remains of the former firmware.

Reboot your computer, in order to make your system recognize the new situation correctly.

f. Open the configuration window of DD-WRT. By default, it's at "web address" in your browser. The username is root and the password is admin (both by default).

g. Go to Administration - Firmware Upgrade and flash your router with the appropriate version of Tomato, Tomato RAF or Tomato by Shibby. Note: do not enable the option to erase all current settings upon reboot ("Reset to Default settings")! It's better to do that cleaning from within Tomato itself (more about that later).

h. Reset your router to the Tomato defaults, by pressing the semi-hidden reset button for 10 seconds. That's necessary for completely cleaning the NVRAM of the router from remains of the former firmware.

Reboot your computer, in order to make your system recognize the new situation correctly.

i. After flashing, perform another thorough erase. See the screenshot below (click on it to enlarge it):

j. Pull the power plug from your router, wait 30 seconds, and plug it back in. You're done! But read on for some configuration tips.

Note: when upgrading an existing Tomato: always check the box for erasing all data in the NVRAM. See the screenshot below (click on it to enlarge it):

Some configuration tips

4. Below, you'll find some tips for configuring your Tomato.

a. Make sure that your wireless security is OK.

b. Don't overdo it: the optimal Transmit Power (Tx Power) is not that high. In fact, the ideal Tx Power is the lowest value that still provides an adequate signal for you. Both because of security and of your health. For example: in my case a value as low as 5, proved to be quite adequate.

c. Keep your router lively and fast: schedule an automatic reboot. As follows:
Administration - Scheduler - section Reboot.

Weekly is generally sufficient; I myself have scheduled my routers to reboot every wednesday at 03:00 AM.

d. Connecting with a VPN
You might need to connect to a VPN (for example, from your home to your office). In that case, you may have to enable Universal Plug and Play (UPnP) in your router:
Port Forwarding - UPnP/NAT-PMP
Check: Enable UPnP
Click Save and reboot your router.

Note: this isn't always necessary. Try it without UPnP first.

e. Bandwidth limiting per user, can be done by means of QoS. This is rather complicated, although Tomato has done its best to make it as easy as possible for you. That's why I've dedicated the entire right column of this page, to the simple yet brilliant solution that Tomato has for QoS.

(continued in the column on the right)

This website is being sponsored by Google Ads.

Are you using an ad blocker? Then you're also blocking my earnings from advertisements....

If you wish to support my website, you can configure your ad blocker to make an exception for this website.

Thanks in advance....

QoS: applying bandwidth limits

5. Sharing bandwidth with other people can be unpleasant, when one of them uses up all of your bandwidth and thus renders your internet horribly slow. That's where QoS can come to the rescue.

Tomato and its forks are especially good at bandwidth limiting, by means of QoS. Much better than the QoS of DD-WRT, even better than the QoS of the commercial version of DD-WRT.

In fact Tomato's QoS is not only technically better than DD-WRT's, but much easier to set up as well. Tomato is therefore an ideal solution in situations where you share your internet bandwidth with other people.

The main bandwidth throttling approach in Tomato and its forks, is applying smart dynamic limits and priorities on types of bandwidth use. This differs from the more blunt approach of a "hard cap", a fixed bandwidth limit per user. Most probably, you won't need a fixed bandwidth limit at all, because the smart system works so well.

See the screenshots below (click on them to enlarge):

Improved Basic settings, slightly different from the defaults:

Improved limits, somewhat different from the defaults:

However, should you wish to have a fixed bandwidth per user after all, this is easy to set up in the newer versions of Tomato RAF. Not in the original Tomato; if your router runs on that, you'll have to switch to Tomato RAF for that feature.

The maximum is 80 %

5.1. Set the amount of bandwidth to be divided by QoS, at 80 % maximum. Definitely not higher, because QoS will become hopelessly stuck when your bandwidth drops occasionally below the set value.

This is usually hard to accept for most people: of course it's no fun to structurally leave 20 % of your bandwidth unused.... Yet it's absolutely necessary for QoS. You might see it as the price you have to pay for the use of QoS.

You have to apply this 80 % both to Outbound and to Inbound (Max Bandwidth).

Note: measure your actual amount of bandwidth yourself, and don't rely on the overly optimistic information from your internet provider. Use for example this website for your measurements.

Tip: in order to calculate correctly, you'll probably need to convert some units. For that, you can utilize this website.

Decrease the Lease Time

5.2. When there's a rather large number of people who use your bandwidth: decrease the Lease Time for the IP address, for example to 10 minutes. That way, an unused IP address becomes available for recycling much more quickly.

This does not affect computers that are turned on, even when those computers are not in use: a computer that's turned on, will always automatically renew its IP lease when 50 % of the lease time has been used. In this example, every 5 minutes.

See the attached screenshot (click on it to enlarge):

Different settings for different situations

5.3. Situations vary. So should your QoS settings.

Situation 1: family, hotel or camping

5.3.1. The default settings of the "original" Tomato are probably best suited to the needs of a family, whose father wants to restrict the excessive internet use of his children. Or the needs of a hotel owner, who wants to divide the available bandwidth evenly over his guests.

I've mentioned the limit settings above; now the classification. See the screenshot below (click on it to enlarge):

Classification original Tomato (default, unchanged):

Situation 2: fraternity house on college campus

5.3.2. Students do a lot of online gaming, and make use of Skype and other specialized applications. That calls for a different classification, because otherwise a lot of games will be lost....

Tomato RAF has paid a lot of attention to this. At least in its latest versions, not in its older versions. See the screenshots below (click on them to enlarge):

Limits Tomato RAF (nearly unchanged defaults):

Classification Tomato RAF (unchanged defaults):

In situation 2, choosing the latest version of Tomato RAF instead of the original Tomato, is probably the easiest thing to do.

Want more tips for wireless internet?

6. Do you want more tips and tweaks for your wireless internet? You might find these useful:

a. Amplify the wireless signal of your router

b. Apply a second router in your home

c. Reduce electromagnetic radiation of computing devices

d. Replace Windows XP by an easy free Linux

To the content of this website applies a Creative Commons license.