Nighthawk X8- R8500 Tri Band Quad Stream WiFi Router

[doubleroll]

Looks like a new firmware was released...

1.0.0.56
Enhancements:

• Improved the 5G-2 WIFI performance with some WIFI clients..

Bug Fixes:

• Fixes the possible bridge mode uplink performance issue .

http://www.downloads.netgear.com/files/GDC/R8500/R8500-V1.0.0.56_1.0.28.zip

 

[Puppa]

I see there's more than a few on here that came from an ASUS RT-AC3200. I've got a fairly large home network and have been burned frequently with stability issues on the 3200, which has been my best experience with ASUS yet. As far as home wireless routers go, I've been burned by all the big companies, so I'm not sure which company to hate the most. I thought I had it all nailed down, with recent firmwares, but last night doing wired video streaming from YouTube at 480p, the same old problems happened again: it was enough to send my 3200 into total constipation mode--no IP addresses granted for over a minute. I've got 22 wireless devices nightly and 9 always-on wired devices. If I were to say what the 3200 chokes on the worst, I'd have to say it was the wired connections, which seem to render its QoS settings completely irrelevant due to CPU bandwidth choking.

Anybody on here got something comparable on the X8? See any hiccups at all? The 3200 has the same ping variability problem I saw on my old 7000, which I traced down (for both routers) due to CPU bandwidth getting eaten up. Basically, I've had to turn my $270 router into a glorified NAT+switch to avoid the problem. This one's got 40% more in that category. Is that enough to solve the issue? I saw a posting that said no weird ping timing issues. Does that still hold true now, a month in for some of you?

 

[Puppa]

Something definitely wrong with the R8500. Downloading from a wired PC causes wireless to slow down and also extremely high latency. Speed drops from 150 Mbps to 2 or less. My AC66R did not exhibit this slow down...


Sent from my iPad using Tapatalk HD

Ugh. This is the exact same issue I have on my ASUS AC3200: all is well and good until a wired connection decides to do something. Does it still happen with the latest firmware?

 

[System Error Message]

You shouldnt be getting it on the asus ac3200 rather you should be getting it on the asus ac66r. The reason for this is mainly because of the CPU bridging but unless those same accelerators for wifi are used for internet it could be the problem or that wifi and LAN and WAN2 are connected to the same link as it happens in the AC87U.

 

[superjet]

This router is garbage.

I spent a little time on the phone with Century Link to get my PPPoE credentials.

As others have experienced across the internet, this router will not do more than 500mbps on the WAN connection. Using the latest firmware (the .56 one) Whether it's only acting as an access point downstream from the C2100T (provided by CenturyLink) or it's doing the PPPoE authentication and acting as the gateway it will not achieve >500mbps LAN to WAN or WAN to LAN.

I'm going to give them 44 days to come up with a fix for this, or its back to the C2100T, which gets a steady 940ish up and down both.

Edit: Previous WAN was 100/10 from Comcast on a N66U Merlin. House is wired with Cat5e/6. Multiple APs for better coverage. When doing initial testing with the 8500 my workstation desktop was the only device connected to the 8500.

Edit2: I tried multiple MTU settings. The default 1492 and the CenturyLink 1484. Computer was not firewalled

 

[Puppa]

@superjet Try turning off SPI and please post back what your throughput results are afterwards. That was the throughput culprit on my R7000v1 (single core model or R7000) as well as my ASUS RT-AC68R, ASUS RT-AC87R, and even my ASUS RT-AC3200.

 

[doubleroll]

Ugh. This is the exact same issue I have on my ASUS AC3200: all is well and good until a wired connection decides to do something. Does it still happen with the latest firmware?

Yes still happens. I have sent Netgear the info they requested. The router is very stable otherwise however.

 

[RMerlin]

I don't know if Netgear implemented Broadcom's PPP support for CTF (NAT acceleration), but if they did, you need to make sure you aren't using any feature that's incompatible with it. Try the most basic configuration with just the Internet and wifi configured after a factory default reset (no QoS, parental control or other fancy feature), and see what you get. 500 Mbps sounds about what this router should give you if NAT acceleration is disabled, and the CPu has to handle everything itself.

Doing 500+ Mbps over PPPoE is quite taxing on the hardware. You might be forced to either turn the router into an Access Point, or see if you could offload the PPPoE to the ISP's router, and go with a double NAT configuration (with the Netgear router in the ISP router's DMZ).

 

[superjet]

@superjet Try turning off SPI and please post back what your throughput results are afterwards. That was the throughput culprit on my R7000v1 (single core model or R7000) as well as my ASUS RT-AC68R, ASUS RT-AC87R, and even my ASUS RT-AC3200.

550/450 at that point. Dropped ping from 4 to 2ms. I meant to edit my post again last night to reflect that, my apologies. I cant do any further testing today because last night my ONT device lost its provisioning and now im waiting on a tech to come out... If nothing else changes they wont be here until the 17th. I guess I can go clean the house instead

 

[superjet]

I don't know if Netgear implemented Broadcom's PPP support for CTF (NAT acceleration), but if they did, you need to make sure you aren't using any feature that's incompatible with it. Try the most basic configuration with just the Internet and wifi configured after a factory default reset (no QoS, parental control or other fancy feature), and see what you get. 500 Mbps sounds about what this router should give you if NAT acceleration is disabled, and the CPu has to handle everything itself.

Doing 500+ Mbps over PPPoE is quite taxing on the hardware. You might be forced to either turn the router into an Access Point, or see if you could offload the PPPoE to the ISP's router, and go with a double NAT configuration (with the Netgear router in the ISP router's DMZ).

Thank you for the reply sir. I much more enjoyed the AsusWRT Merlin on the N66u to the Netgear interface. When I was doing the testing the router was fresh out of the box, reset with a 30 second push of the reset button then power unplugged for 2 minutes after updating to the latest firmware. My workstation was not firewalled, and connected 10 feet away with a Cat6 cable. The only features on the router which were enabled were vlan 201 added to the WAN/LAN interfaces. I also disabled the wireless radios. I've heard tell of people calling into centurylink who successfully got the vlan tags removed from their ONT but I havent tried that yet.

It's a complicated process to console into the ONT as well. They use a proprietary pinout for their db9 cables and do not have much available in the way of documentation for their console language.

I disabled SPI/firewall on the 8500 without much improvement as well. Using it in access point mode still resulted in just shy of 500/500 on the download and upload speeds. I have not tested it yet as you had suggested using its local IP as the DMZ ip address with the ISPs router. Does NAT acceleration across the board in consumer routers mean CTF? If so, that answers a longstanding question I've had but never asked about how consumer routers do so well with NAT acceleration enabled. Are they store and forward otherwise?

 

[RMerlin]

Thank you for the reply sir. I much more enjoyed the AsusWRT Merlin on the N66u to the Netgear interface. When I was doing the testing the router was fresh out of the box, reset with a 30 second push of the reset button then power unplugged for 2 minutes after updating to the latest firmware. My workstation was not firewalled, and connected 10 feet away with a Cat6 cable. The only features on the router which were enabled were vlan 201 added to the WAN/LAN interfaces. I also disabled the wireless radios. I've heard tell of people calling into centurylink who successfully got the vlan tags removed from their ONT but I havent tried that yet.

Might need to check with Netgear if this router can do NAT accelerated PPPoE on a connection that uses VLANs. This is a pretty specific scenario, CTF often has some specific limitations.

Does NAT acceleration across the board in consumer routers mean CTF? If so, that answers a longstanding question I've had but never asked about how consumer routers do so well with NAT acceleration enabled. Are they store and forward otherwise?

CTF (Cut Through Forwarding) is Broadcom's name to their NAT acceleration (also often called HW acceleration). Nobody knows the exact details since CTF is a blackbox, even router manufacturers don't get access to that source code. One of the things it does is to bypass some forwarding handling usually done by the Linux kernel. This is how they can reach gigabit NAT performance with a mere 1 GHz CPU.

Initially, CTF didn't support PPPoE. I first saw it added maybe 2 years ago. Your best shot at this point would be to check with them if the R8500 supports NAT acceleration with a PPPoE + VLAN configuration.

 

[monfster]

Is there any info on when some Kong/Tomato mods might be available, or are there any that would work with the R8500 now?

I'm getting pretty frustrated with Netgear's answers to some questions/feature requests I had. No plan for 6in4 support (I can fake it pretty good using the 6rd configurations with an HE tunnel, but eventually they'll drop my tunnel because of it). The second was a request for an ipv6 firewall, and I was told that there already is one. There isn't, of course - I set up with 6rd on a 6in4 tunnel and can find all the listening ports on any machine behind the router that receives a DHC6 assignment. (Of course, I realize that's how IPv6 works, but at least my old Asus AC3200 had an IPv6 firewall where you opened ports by ipv6 address and port number).

Also wondering if there is a way to tell if CTF is on or not, or if turning off SIP ALG and DoS and port scan will automatically enable it.

A couple of other things I've learned since having it is that it is still a 4 port switch on the back - you can aggregate #1 and #2 (but no jumbo frames), #3 is a standalone 1Gb port, but ports 4-6 have a total speed of 1 GB, which leads me to believe the last 3 are a dumb hub off the what would be the 4th of 4 switch ports, and not standalone separate switch ports - running some broadcast and multicast packets and see what goes through would verify it one way or the other.

 

[thiggins]

but ports 4-6 have a total speed of 1 GB

How are you testing this? It's unlikely the ports are configured as a hub, i.e. all traffic from any port copied to all other ports.

 

[RMerlin]

Is there any info on when some Kong/Tomato mods might be available, or are there any that would work with the R8500 now?

Tomato will be quite a while. Shibby only recently got the Broadcom SDK7 supported added to Tomato, so he can currently support the Asus RT-AC3200, with the Netgear R8000 being next on his list. The 8500 will require some additionnal work after that, but it shouldn't be too hard to add.

The second was a request for an ipv6 firewall, and I was told that there already is one. There isn't, of course

This is sadly a common misconception by manufacturers. Asus too claimed they already had an IPv6 firewall before they finally implemented a real one. It seems that they fail to realize that IPv6 is routed, not NATed. Therefore, you must firewall the whole LAN, not just the router's own IP.

IPv6 support remains quite spotty and incomplete in home gateways, and will remain so for at least a few more years.

Also wondering if there is a way to tell if CTF is on or not, or if turning off SIP ALG and DoS and port scan will automatically enable it.

If the router has telnet or ssh access, check if the ctf kernel module is loaded:

lsmod | grep ctf

If you see ctf in that list, then it means CTF is loaded and active.

 

[NightOwl326]

How are you testing this? It's unlikely the ports are configured as a hub, i.e. all traffic from any port copied to all other ports.

When you do test this router can you test what .52 firmware was suppose to fix, "Fixes the internet upload low throughput issue when the USB storage is connected to the router" as it did not resolve the issue for me. Thanks!

 

[monfster]

How are you testing this? It's unlikely the ports are configured as a hub, i.e. all traffic from any port copied to all other ports.

I may be misinterpreting the manual, but where ever the manual talks about using port aggregation on LAN1 and LAN2, there is a note displayed:

"To get the fastest performance with port aggregation, for wired connections use Ethernet port 3 for the first computer, and use Ethernet port 4, 5 or 6 for the second computer, which allows for speeds up to 2 Gbps with port aggregation. The maximum speed between port 4, 5 and 6 is limited to 1 Gbps."

I'm assuming that what they are trying to say is that if you have two computers connected to ports 4, 5 or 6 that it will only send max 1Gbps to the 2Gbps aggregate, whereas if you use port 3 and one of ports 4-6, you can achieve a 2Gbps speed to the aggregate.

My idea that they hubbed the final port on the switch is just a guess, as it would be easier and cheaper for those last 3 ports and would explain the rate limitation Netgear documents, I can't see them designing a 6 port switch with a built in limitation like that on half the ports. As I said, it's just a guess and not even a very educated one at that.

Once someone does a teardown, we'll know why that limitation between ports 4-6 and 1-3 exists.

 

[thiggins]

I see how you could read it that way. Again, I don't think there is a hub. But there could be a separate switch chip handling ports 4-6, with only a single Gigabit uplink to the main switch chip. Think of it like one switch uplinked to another.

I'll see when I open it up after testing.

 

[RMerlin]

I see how you could read it that way. Again, I don't think there is a hub. But there could be a separate switch chip handling ports 4-6, with only a single Gigabit uplink to the main switch chip. Think of it like one switch uplinked to another.

That was also my thought. That's the case for the Asus RT-AC88U, where you have the BCM switch connected over RGMII to the Realtek switch. But I suspect that Netgear is simply using all the ports possible with the BCM chip (which is why they have 6+1 ports rather than 8+1), so the total bandwidth should be higher than just 1 Gbps - otherwise what would be the point in LACP?

 

[superjet]

@RMerlin I have asked Netgear support RE: CTF on PPPoE + VLAN and they didn't have an answer. They've all been very pleasant to talk to but have not been able (as of L3 tech support) to give an answer one way or the other.

 

[NETGEAR Guy]

1. For the port aggregation switch design, the R8500 uses an external 5 port Gbit switch for extending 2 extra LAN ports. The WAN port and LAN ports 1,2,3 are from BCM4709 and LAN ports 4,5,6 are from the external switch. The external switch does not use RGMII to connect to the BCM4709, instead it connects to an Ethernet phy port. The reason is that if we connect to an RGMII, it may impact the maximum aggregation (2.4G+5G1+5G2) WiFi performance. Also ports 4,5,6 are limited at 1G total bandwidth.

2. The R8500 supports PPPoE over CTF. So the PPPoE throughput can reach over 900+Mbps. In our current lab testing, the maximum PPPoE WAN speed has reached 950Mbps. So we can support a 1G PPPoE WAN speed if supported by the ISP.