So you have 500Mbps-1Gbps fiber and need a router READ THIS FIRST

I'm going to offer a contrarian viewpoint here. Save money with a 250mbps to 350mbps connection and use good SQM (for example, the IQrouter v3, or any reasonable performance OpenWrt-compatible router.)

Unless you're unusual, and you can't stand the transfer speeds of your bulk up/downloads, you won't really notice the difference, as long as your latency is under control. (I said that badly. Let me try again)

Unless you're unusual, and the transfer speeds of your bulk up/downloads are unacceptable, it's likely that a lower speed to your ISP with a modestly-priced router that controls latency will make you just as happy. At a lower price from your ISP and your router.


Good point! IIRC, cake will try to maintain the configured shaper rates under CPU starvation, but will accept higher latency under load, while HTB+fq_codel scripts in SQM will honor the latency deadlines but will fail to meet the configured traffic rates id CPU starved. So depending on the selected script rate and/or latency will suffer if a router's CPU is not up to the task the router is confronted with. But that not only depends on SQM/the shaper but also what ever else the router is tasked to do. IDS like sentinel or snort are typically quite CPU intensive...

There never is a need to use SQM, but even with a low bufferbloat link, SQM's sharing guarantees can still be desirable, if only to restrict say the "fall-out" of a heavy torrent user in a network to that user's IP address/computer....


A side question: how to check if ISP is doing a good job or not?

1 Like

Also there are:
the dslreports speedtest (read this first)
waveform's new bufferbloat test

both of these can be run from a browser

@richb-hanover-priv : maybe we could/should add these to the Tests_for_Bufferbloat page?


The DSLReports bufferbloat test is listed there as the "Easy test". But I agree we should now include the Waveform bufferbloat test as another alternative.

@moeller0 PS I was a bit confused by your statement above, "... There never is a need to use SQM,..." Given that a huge fraction of people do suffer from bufferbloat, their experience will benefit from using SQM. Perhaps you mean that, "If you are not experiencing high latency or lag, then there's no need for SQM..."


Oh, my point is simply that SQM is not mandatory, and everybody is free to either use it or not use it as they see fit.
I also happen to believe that most networks would be well served to operate SQM or something similar, but in my foreigner's understanding of english, that is not a strict requirement or need or in IETF-ese a MUST.
My goal is to tell people the consequences of using or not using SQM and then let them make their own informed decisions what they want to do in their own network. Especially in situations where a router is not up to operate close to contracted/link rate, and where one needs to make compromises.

    That said, myself I followed your "contrarian"* proposal and operated my nominally 100/40 link at 49/36 since that was the most reliable shaping I got of my old wndr3700v2 with recent OpenWrt. A bit of testing convinced me that my family of 5 would be better served with SQM then with 55 Mbps more aggregate thoughput. (I have since switched routers, the trusty wndr now serves as AP, while a turris omnia took over primary routing and that device has no issues running SQM and an IDS (team turris' pakon) simultaneously at 95/36).

*) IMHO that is actually a common sense proposal and not much in the vein of the common anti-this anti-that contrarian, as you actually have a rationale to back this proposal up :wink:

Ooops, sorry, obviously I did not look closely at the page, I guess I assumed I had read it years ago and hence should know all of its contents by heart.


This aligns with what I'm calling Rich's second rule of network troubleshooting which is, "If you're happy, then I'm happy :slight_smile: " I don't feel an urge to optimize your network if you don't feel there's a problem. And I certainly won't point out a lot of problems that I see (or that might exist) if you are content with things the way they are.



@dlakelan Good post. I recently upgraded my Internet connection and now have that "Tim the tool man issue" too. Plus I am dependent on the nice features like wireguard, DDNS, VLANs,regular security updates and friendly expert support forum of openwrt.

I like your decentralized approach of using a unit that has one feature and it does it well. That will also bypass some of the proprietary firmware roadblocks.

Anybody using WiFi 6 AP that does mulitple SSIDs connected on different VLANs? I have three VLANs. I already have Atomic PI and tp-link USB UE300.

Looks at old Archer C7

Honestly my old device is keeping up thanks to the SFE offloading and mild overclock. I have Cox Gigabit but I of course can’t do SQM.

Yea but the point is that's without SQM... My WRT32X also handles 1Gbit without SQM, and with SQM Cake it's perfectly reliable at 600+Mbits, while also doing 100MB/s USB 3.0 NAS, Adblock, WiFi, Samba, etc. (I think now that the R7800 NSS offloading works it has similar performance.) The point of the post is that people shouldn't expect an SQM capable OpenWrt router to handle 1Gbit for a long time. Router CPUs just aren't fast enough right now and both the hardware and software support is a long ways off.

1 Like

Curious - - - - your last sentence " . . . both the hardware and software support is a long ways off.", for 1 Gbit service.

Are you saying that OpenWRT is not up to 1 Gbit connections?

Please advise.

what he's saying is that there are complexities due to multicore operations and proprietary offloading mechanisms that leave them with arbitrary limits...

vendors in effect... both fine tune and in many instances deliberately cripple at the same time...

3rd party firmware (generally) catches the flipside of both the above...

One other option is to use old used hardware .. eg a 800 watt Intel Xeon server :wink: ..I did buy some used R7800 routers for 60-80 EURO .. i've now 3 abound the house and are perfect.

1 Like

The OP is a masterpiece. Months ago I replied here to a similar question by sharing my solution to the same problem. Let me re-post the relevant parts here:

I use a rooted Homeware (proprietary fork of Openwrt) router for gigabit WAN, it does its job for 20€ in total. Most drivers are proprietary and closed. You cannot rebuild or replace the kernel, nor the main squashfs. It's still some of Openwrt in the end, so everything you compile for userspace works, and some kernel modules work too. I run both Transmission (an USB3 SSD is attached for that) and strongswan roadwarrior server on top of it and it just works. Every proprietary driver is integrated into UCI so you always do things the openwrt way, including VLAN and multiple SSID setup. [...] There exist multiple models with different specs: mine (20€) can do SQM (at ~180Mbps) and has STA capable driver for the 11ac radio; others (20-30€ too) have newer firmwares, quantenna wireless, and hw crypto; I won't recommend the older ones with older SoC and wireless chipsets, but they may have matched your requirements as well. Almost all of them have VoIP ATA capabilities, sometimes you also get an FXO port or DECT radio. Depending on what you want from an Openwrt router, this could be a damn cheap and effective solution.

If you want a real Openwrt experience then x86-64 is the way, as someone told here. Leave Rpi4 to makers, it is not meant for networking and it is very expensive for what you get.

Meanwhile, since that old post of mine, I set this things up for my relatives and I succesfully got asterisk, F2FS driver and even hw-crypo running for IPsec. Recently, I started testing even newer models with integrated GPON (yes, up to 2,5Gb/s is possible), 11ax wireless and even ARMv8 64-bit dual-core processors at 1.5Ghz. The old prices I mentioned were referring to second-hand market, nowadays those old models halved in price. I don't know how much the most powerful CPU could get on SQM, but if you really need full SQM bandwidth then I think spending 300/400$ for professional single-function equipment is the way.

I considered to buy a WRT32X a few weeks ago, but opted out because of it's cost (about $100), power consumption and lack of software support (no longer developed). That's a really good choice for non-WIFI routing anyway.

Also considered the use of extra switches, but who knows what software (or spyware) they are running if I cannot install OpenWRT.

Finally I cheaped out for a Netgear R6350 for only 150Mbps non-SQM WIFI bandwidth.

Anyway, for those who use a x86 box: why don't you use OPNSense or pfSense instead?

Because I prefer the flexibility of Openwrt. I can customize it pretty much however I want.

waste of good hardware and CPU cycles ? :slight_smile:

With that said, I don't use OpenWRT as a router, I leave that to Fedora, and run OpenWRT on my APs.