RT-AC68u WLAN<->WAN routing performance

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

davecl

New Around Here
Hello, I am currently running an AC68u with merlin 384.16. I am wondering if anyone had did any perf testing between the wireless and WAN routing and if there is a solution to improve throughput.

I have found that it tops off around 350Mbps with both cores hitting 100% with softirq on 5Ghz with 20/40/80Mhz. I am able to reach 700Mbps from wired LAN<->WLAN since there is not much routing involved there so it is definitely not my wireless settings (I've went through a few threads here on what to enable/disabled as well as picking the less congested channels).

I also have NAT acceleration enabled. On wired machine, I am able to reach full speed of my ISP (600-700Mbps). Disabling acceleration will cause the wired throughput to drop down max of 350Mbps similar to the WLAN side of things. This of course led me to look into this area. It appears that NAT acceleration is really only for wired connections (which makes sense since its under the LAN/Switch tab).

Anyone have any tips or tricks to get better throughput with WLAN<->WAN performance?
 

ColinTaylor

Part of the Furniture
I've tested this myself quite a bit on 5GHz. Generally speaking I can reach the limit of my ISP feed of ~550 Mbps with 1 core at ~85% and the other essentially idle.

Do you know what the clock speed your router's CPU is?
 

davecl

New Around Here
I've tested this myself quite a bit on 5GHz. Generally speaking I can reach the limit of my ISP feed of ~550 Mbps with 1 core at ~85% and the other essentially idle.

Do you know what the clock speed your router's CPU is?
Thanks for your reply!

# cat /proc/cpuinfo
Processor : ARMv7 Processor rev 0 (v7l)
processor : 0
BogoMIPS : 1599.07

processor : 1
BogoMIPS : 1595.80


# nvram get clkfreq
800,666

From top during traffic:
CPU0: 0.0% usr 1.8% sys 0.0% nic 1.8% idle 0.0% io 0.0% irq 96.2% sirq
CPU1: 1.8% usr 0.0% sys 0.0% nic 24.5% idle 0.0% io 0.0% irq 73.5% sirq


Not sure if I should overclock but considering you are reaching 550Mbps with a single core at 85%, there must be something going on with mine if its reaching 95+% on both cores as soon as I light it up with traffic. I did do a full reset of everything (config/nvram, jffs, etc) to try and resolve this to try and get the full bandwidth I recently started paying for.
 

ColinTaylor

Part of the Furniture
Just tested it again. This is on a quiet network with a 2 stream client and 80MHz bandwidth (866.7 Mbps link rate).

Untitled.png
 

davecl

New Around Here
Just tested it again. This is on a quiet network with a 2 stream client and 80MHz bandwidth (866.7 Mbps link rate).

View attachment 23651
Thanks again, can you tell me more about what you have configured? Assuming your sig up to date, meaning you are running 1200/800 & stock FW of 374.43_42E7j9527 ?

More importantly, do you have any firewall rules, QoS settings (all of mine are off AFAIK), packet inspection, VLAN, etc. that would require more CPU on a per packet basis? I'm not sure why it is so much more cpu intensive for me. It is not like I can run `perf` on these tiny boxes and see where the bottlenecks are :(.

It would be very appreciated if you can provide a **censored** dump of all your iptables (e.g. filter, nat, mangle). I wonder if there were some default rules that is dragging my routing throughput down :(.
 

ColinTaylor

Part of the Furniture
I intentionally run a pretty minimal setup. I've overclocked the CPU and RAM as per my sig.

I use John's Firmware rather than stock Asus. See here for details but it's based on an older code base so it lacks the bells and whistles of the current Asus firmware.

I don't use QoS. John's Firmware doesn't have Adaptive QoS and using Traditional QoS would CPU-limit the throughput to ~220 Mbps. This firmware also doesn't have any of the AiProtection stuff, so no DPI.
 

L&LD

Part of the Furniture
@davecl, I would recommend flashing RMerlin 384.17_0 release final instead. Do a full M&M config and also use new, never before used SSID's too (at least to test with). The SSID's should not be hidden and test them with 8 alphanumeric characters with no spaces, punctuation, special characters or smiley faces too (the password should be the same at 16 characters long, again, at least for testing).

Make sure you also format the JFFS partition on the next boot and then reboot the router 3 times in the next 15 minutes, waiting at least 5 to 10 minutes between reboots.

You may also want to reflash the same firmware again (384.17_0) after it has been successfully flashed and reset to factory defaults/Initialize all settings and formatting of the JFFS partition too.

Make sure you have the latest wireless drivers for your client device and you are using it plugged in and in the Best Performance power mode.

Also, do not use auto channel settings nor auto channel bandwidth either. Test each one manually (no need to waste time with an 'app' to find a 'good one', actual testing in your WiFi environment is needed) and keep notes for each channel not only for best throughput but also for least latency (when actually surfing the web), too. A spreadsheet is handy here.

If you're doing your testing with a handheld mobile device, don't. :)

Test your current configuration as-is by using a Guest network SSID with the attributes above and similarly check the wireless drivers used by your client device too. Use your wireless testing device plugged in and stationary without changing it location or orientation between tests.

Make sure to reboot both your router and the testing client when doing these tests to avoid caching issues and other temporary anomalies that may skew your results when you're changing the channel and bandwidth settings.

Please see the link in my signature below for the guides suggested above and more (the Nuclear Reset may help too, as may the link below).

https://www.snbforums.com/threads/ax88-packet-loss.62891/#post-563326

HTH. :)
 

davecl

New Around Here
Thanks for your responses. :)

As I mentioned, I've already did a full reset and wipe of everything on 384. It is not any of the channel settings (as I've already tuned this and is it NOT set to Auto) on the AP as I am able to pull 700-750Mbps from doing iperf or even simply ftp between a wired server (direct LAN port) and my wireless endpoint (currently on the latest version of macOS as well as a fully up to date debian on my other device and its device drivers).

I was hoping that I was very clear in the OP that this was never the case of poor *wireless* performance but rather poor *routing* performance--specifically WLAN to WAN. To reiterate, the fact that on the Asus router side itself, its poor CPU pegs near 100% of softirqs whenever I do routing between Wireless (WLAN) and WAN side. I cannot go beyond 300-350Mbps due to the CPU bottleneck on the router. Unclear if there are any bpf, iptables, or other modules that is doing DPI or mangling.

I've disabled all the QoS junk and other things that I can find on the web UI.

I can try the 384.17_0 release but from the changelog, I do not see any changes other than a few updates to userland binaries.

I can report back with 384 but will likely to also try john's 374 (of which I may have to flash via CFE or tftp since now I think i'm a bit stuck on 384).
 

ColinTaylor

Part of the Furniture
Have you disabled all the AiProtection stuff (which does the DPI)? The quickest way to do that might be to opt-out of the Trend Micro licence agreement.
 

davecl

New Around Here
Have you disabled all the AiProtection stuff (which does the DPI)? The quickest way to do that might be to opt-out of the Trend Micro licence agreement.
yep, everything disabled.. the only thing I cannot find to disable is AiMesh. I think that is perm enabled.
 

davecl

New Around Here
Okay, spent hours on trying different things and ultimately reflashing the firmware to different versions without much improvement.

So far I've tried (with all qos, aiprotection, etc disabled)
- merlin 384.17_0 - both with existing settings and fresh brand new settings (reset and reboot few times, etc. everything that was mentioned including new SSID) -- same deal.

- john's 374.43_42E7j9527 - fresh install and complete reset. with default clocks set to 800/666, same deal. 1000/666 with near no noticable improvement. with 1200/800, I can reach 380-400Mbps, no where near the 550 quoted here. Turning off the firewall completely I am able to reach higher (~500) which proves that it is packet processing but that leaves the router exposed to the internet so I'm not inclined to do that.

Next thing I may try is to run a separate gateway on the wired LAN but that seems a very weird way of working around the routing bottlenecks and defeats the purposes of running a relatively low powered device instead of a full blown pc.
 

grifo

Senior Member
Next thing I may try is to run a separate gateway on the wired LAN but that seems a very weird way of working around the routing bottlenecks and defeats the purposes of running a relatively low powered device instead of a full blown pc.
Or you could just get a dedicated AP to deal with the wifi part so you can retain Merlin's features and addons like Skynet, Diversion, etc on the router part. Or better sell the RT-AC68U and get a newer Merlin supported router.

Still it's odd that Colin's router can do 550 Mbps and yours can't. It may be worth Colin sharing his 5 Ghz wireless professional tab so you can test with exactly matching settings, in case one of those settings increases the workload for the router which could have an impact on performance when piled upon routing while it doesn't when just doing LAN to WLAN.
 

dave14305

Part of the Furniture
If you’re still on John’s fork, is NAT Acceleration set to Level 1 or Level 2 CTF?
 

ColinTaylor

Part of the Furniture
- john's 374.43_42E7j9527 - fresh install and complete reset. with default clocks set to 800/666, same deal. 1000/666 with near no noticable improvement. with 1200/800, I can reach 380-400Mbps, no where near the 550 quoted here. Turning off the firewall completely I am able to reach higher (~500) which proves that it is packet processing but that leaves the router exposed to the internet so I'm not inclined to do that.
Disabling the firewall should have no effect on throughput. If anything theoretically it might be a few nanoseconds faster as it has less rules to process. https://www.snbforums.com/threads/enable-firewall.40307/#post-337357 If you're seeing a difference I'd guess that's a variation caused by external factors.

What type of WAN interface do you have. Is it just Ethernet or is it something like PPPoE?

What is your CPU load like? Is it still using both cores or is it only using a single core like mine?
 

appleseed

Regular Contributor
also, check Advanced Settings > Wireless > Site Survey, to see if you are fighting an uphill battle.
(also download/compare with a wifi survey on your phone/tablet as you move throughout the home.)
 

davecl

New Around Here
Using the latest stock asus 385 firmware 3.0.0.4.385_20490 and I am able to achieve 420-450Mbps over WLAN (with 800/666 clocks). Unclear why all the other ones I want to use I can only achieve 350 at best. This very strange indeed. I miss all extra features by going stock but I've been shifting my workloads off to a tiny raspberry pi anyway.

I also want to thank everyone who have responded for their insights. Myself personally, I am a relatively experienced linux backend engineer for large scale computation and network systems and this has baffled even myself.

Or you could just get a dedicated AP to deal with the wifi part so you can retain Merlin's features and addons like Skynet, Diversion, etc on the router part. Or better sell the RT-AC68U and get a newer Merlin supported router.

Still it's odd that Colin's router can do 550 Mbps and yours can't. It may be worth Colin sharing his 5 Ghz wireless professional tab so you can test with exactly matching settings, in case one of those settings increases the workload for the router which could have an impact on performance when piled upon routing while it doesn't when just doing LAN to WLAN.
Yeah I could use a dedicated AP but I'd have to buy one. The alternative for me personally is to use my secondary AC68U as an AP (only used a ethernet bridge when needed, its turned off most of the time) but that would mean I have to uplink on the WAN port of the 2nd AC68U which I think would have a perf hit on the backplane. That is something I can explore but for now, I've practically given up on my AC68u. Would definitely appreciate the settings nonetheless. I've literally turned off everything that would get in the way.

If you’re still on John’s fork, is NAT Acceleration set to Level 1 or Level 2 CTF?
It was set to CTF. As mentioned, this only applies to the 4 port switch and not the WLAN routing.

Disabling the firewall should have no effect on throughput. If anything theoretically it might be a few nanoseconds faster as it has less rules to process. https://www.snbforums.com/threads/enable-firewall.40307/#post-337357 If you're seeing a difference I'd guess that's a variation caused by external factors.

What type of WAN interface do you have. Is it just Ethernet or is it something like PPPoE?

What is your CPU load like? Is it still using both cores or is it only using a single core like mine?
Yeah I agree with disabling the firewall shouldn't have an effect in this small scale but I've tried it nonetheless as in my backend experience, iptables does have a perf hit on packet processing in general (at large scale). WAN interface is just normal ethernet. I use a sb8200 but that doesn't matter as wired is full speed (not using link aggregation). But I also tested by creating a iperf/ftp/http server on the wan port that is isolated from the internet.

The CPU load is interesting actually. With john's firmware, the softirqs are shifted more towards cpu0 (~80-90%) but still ~40% on cpu1.. Surely an improvement over what it was before but still unable to achieve the throughput I've set out to.

also, check Advanced Settings > Wireless > Site Survey, to see if you are fighting an uphill battle.
(also download/compare with a wifi survey on your phone/tablet as you move throughout the home.)
This is not related to the wireless signal quality as mentioned especially when testing, I am sitting 1 foot away.. Considering you also have a AC68U and merlin 384.17, I'm curious to know what kind routing performance you are getting between WLAN and WAN?
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top