DD-WRT vs. Tomato vs. Open WRT?
High performing routers have several perks and configuration options often left out from standard consumer grade models. The only trouble is the high cost attached to them, some going as high as thousands of dollars, and that’s to be expected for corporate grade security firewalls and all. However, when compared to consumer grade routers, the difference is astonishingly disappointing. For many years, there were lots of custom firmware (e.g. Lede or Gargoyle) developed for popular home routers, such as D-Link, Linksys, Netgear and even ASUS, often left much to desire.
From buggy features, limited options, and even slow performance, the downsides are varied from one model to another. Very importantly, routers lack the possibility of using OpenVPN protocols, in order to setup VPN server or client services directly from the network router. Additionally, it can be argued that there is no such thing as secure firmware from any network router maker. Even Juniper has admitted having a backdoor vulnerability in their firewalls for years. In 2014, a security flaw in ASUS models allowed attackers to access the devices from anywhere online, while more recently, the Wi-Fi security was also compromised. The list goes on, and this is where open-source firmware shines.
The way to drastically improve your router, is by installing one of the third-party open source firmware options available. These alternatives can instantly improve performance, and unlock a multitude of features previously unavailable, instantly turning your cheap router into a powerhouse. There are way too many features and capabilities gained to list them all, but the main ones range from bandwidth monitoring, advanced QoS, Wi-Fi power and performance boost, and built-in OpenVPN clients.
But installing different firmware on your router, referred to as ‘flashing firmware’ is not always easily done, and picking the right firmware for your needs, router and budget should all be assessed first.
There’s always new developments and updates that provide more options to consumers, so in order to help you choose the right option, let’s have a look at the most current firmware developments, as well as pre-configured options available for those who feel way over their heads when it comes to flashing their own routers.
Many people don’t feel tech-savvy enough to start tinkering and flashing firmware, but all popular options have rich step by step tutorial guides and compatibility lists to facilitate the process. But there are some very important things to know before you even start. Flashing firmware or installing different software to run your router is usually against the manufacturer’s terms of service, and will automatically void any support/warranty on the hardware. There is also always the risk of damaging the router in an irreversible manner, especially if you don’t follow the steps correctly.
With that said, I am not suggesting that you give up, if you have a rather inexpensive router at home to play around with, it can be a fun project, and learning experience, so don’t be scared to try.
What if flashing firmware on your router is really not for you?
There’s a few options to consider. The first one being professionally pre-configured routers with the firmware of your choice.
FlashRouters offers a huge selection of pre-configured routers running DD-WRT or Tomato, and optional specialized options such as dual router setups, wireless extenders, and even the option to add pre-paid, pre-configured VPN services! Apple Airport lovers rejoice, they even offer specialized dual-router setups to link with your Airport Extreme. Their team of pros configure and test your router, as well as provide stellar after-sale support, to help you get going every step of the way.
–
And finally, if you decide to go with DD-WRT – Buffalo offers DD-WRT Routers. They provide the simplest solution of all, and best value for your money, coming in at a comparable cost of traditional routers with similar specs. The second-gen models now offer better performance and stability. With a 3 year warranty, Buffalo really makes it hard to pass by these DD-WRT configured routers.
Some of Asus’s latest routers have also upgraded to high performance firmware based off DD-WRT called Asuswrt. It is essentially a stripped down version in terms of features and functionality, but a great boost on performance, while still allowing you to tweak and configure the most important details.
What firmware is the best choice for you?
1. DD-WRT
DD-WRT was known as the most feature rich firmware of them all until Openwrt came along. Since this particular Linux based firmware has been in development for several years, stability is not usually a problem, but having a multitude of configuration options that are often left unused does come at a price. Compared to Tomato, DD-WRT is reported to have more bugs. Additionally, the interface, being cluttered with options, can be intimidating and harder to navigate. Overall, it provides immense improvement to consumer routers, turning them into a network geek’s dream. In addition to having the most options, DD-WRT is also the most compatible of the bunch. It should also be noted that DD-WRT is not the easiest to flash to, and can sometimes become frustrating for beginners. Below I included links to our DD-WRT guides to help navigate the waters. To find out if you can install in on your network device, note down the proper model number of your router and check compatibility using their updated master list here.
SEE ALSO:
- How to Setup and Configure DD-WRT
- Best Routers for DD-WRT
- Use a DD-WRT Router as a Repeater for WiFi
Pros:
- Offers the a multitude features and configurations.
- Compatible with more routers than any other third-party firmware.
Cons:
- Bit more difficult to Setup. Advanced features make it harder to use.
- Stability can fluctuate, multiple builds for various router makers and models.
Multiple DD-WRT builds exist, adding an additional layer of difficulty in making a choice! For those starting out, using the default version is perfectly fine. But, if you happen to be using an Asus router, the Asuswrt can also be upgraded to Asuswrt-merlin FW, ultimately a third-party enhanced version of Asus’s firmware, that fixed many known bugs while improving speed, performance and stability.
2. Tomato
Tomato firmware is similar to DD-WRT,and also based off Linux, but opts for a better balance between performance and features, and does so very efficiently. Tomato has a simple, graphically rich interface, making it easy for even beginners to pickup. If your router is not supported by the DD-WRT firmware, your best alternative is undoubtedly Tomato. It might not be as featured rich as the DD-WRT firmware, but it will still open up the best config options required to supercharge your router. Tomato also offers certain capabilities not found on DD-WRT, specifically live ‘visual’ traffic monitoring, allowing easy visibility on inbound/outbound traffic in real-time. Being that its’ lighter in features, it is also often said to be more stable and offer better overall performance. If you’re a beginner, or simply want better firmware with no bells and whistles, Tomato probably still scores as the best option when available.
Pros:
- Offers better stability and performance than DD-WRT.
- Unique features for real-time traffic monitoring, with graphic charts.
- Easiest to setup and use.
Cons:
- Less features available than DD-WRT.
- Smaller router compatibility list.
Multiple Tomato builds also exist, and once again, picking the basic original firmware is a great choice, but lately, I have tested the Tomato Shibby build and can firmly stand by both performance and stability it offers. But once more, opting for the official build is fine.
3. OpenWRT
OpenWRT is very different from the previous two router firmware options because rather than providing all the features in a single package, they provide an in-built platform where others can then build packages onto. It’s the latest open-source network router firmware of the bunch and at first I was reluctant to suggest it to beginners and even intermediate users, unless customizing your firmware was something that interested you. With that said, my latest revision of this article could not ignore how much OpenWRT has grown in the lat couple of years, and it was time to no longer ignore the comments below this post. OpenWRT has steadily become the most regularly updated and capable option of the bunch. Not only does it have more functionality made available at your fingertips, the performance is there and bugs are regularly patched, all while newly developed modules allow endless integration and growth in capabilities for many target specific tasks you may need along the way.
The open platform is also welcoming for the coding types and those that wish to have very custom functions built. If you’re looking to code your own network router firmware, this may be a good place to start, and at a minimum, you can connect with and meet other like-minded individuals.
SEE ALSO:
Pros:
Completely customizable, include or exclude packages to build firmware tailored to your needs. With time a multitude of add-ons has been made available to OpenWRT, including existing network software apps, allowing for full integration all in a single place.
Cons: Not always user-friendly, best reserved for software developers, network admins, or advanced users. With my latest revision, this is no longer entirely true. The platform has come a long way in making itself more accessible to all user levels.
Conclusion
So, you might still be asking yourself which one you should use, so I will try to finalize this guide by summarizing the three as simply but as accurately as possible, including Asuswrt options. On my first edition of this post, I was hesitant to favor one firmware option over all the others. Reason being that I actually do like them all without much fault, but more importantly because DD-WRT and Tomato are still both excellent choices. The truth is, any open-source firmware is better, safer, and way more secure than all the compromised stock options, and I rather highly suggest to flash and change your firmware, regardless which open-sourced option you choose.
I have used most of them (DD-WRT, Tomato and OpenWRT to be exact) for extended periods of time over various home and personal grade network routers I have owned over the years, but after having more time to spend on OpenWRT, I do feel a little more sold on crowning OpenWRT the best firmware platform of them all. But as advised, if you have a knack for Tomato or DD-WRT, they still make a good choice, and notably provide increased security to your network. I guess what I am saying is, above all the most important step is to change firmware in the first place.
The community feedback on this post also weighed in heavy on OpenWRT having become the better option of the three major players, with regular updates, and new modules and compatible ports of existing software solutions. I still stand by my statement that OpenWRT is the most advanced option, and will always make a better option for advanced network geeks, administrators and devs. Additionally, depending on how many advanced modules and features you wish to incorporate, you need to run a router with a good amount of RAM memory for optimal performance. Overall, it provides you a well rounded suite of functions and an OpenVPN protocol add-on that works wel. You can really target specific functions and tasks without cluttering the device with stuff you don’t need. Some home based users have insanely advanced server setups in their houses, and there is nothing OpenWRT cannot do with added modules. User accessibility and ease of use have also improved drastically, meaning that using OpenWRT should not be so difficult that you would shy away from it. Give it a shot, and you’ll probably be sold too.
- DD-WRT = Most options and features, and network techy’s dream – fun to play with and learn, and not too difficult to install.
- Tomato = Less features available, but still very rich in important options, and offers better stability, speed and overall performance. Often said to have better WiFi performance. Easy to install and easier to use than DD-WRT.
- OpenWRT = Most customizable with add-ons, opening up way more customizing and functions not available otherwise.
- Asuswrt = Asus developed firmware for their newer routers, originally based off Tomato. Note: Vulnerabilities have been found with ASUS routers, similar to all other stock firmware options out there, and I would now highly suggest to flash these routers.
- Asuswrt-merlin = Third-party version by merlin of Asuswrt. Improved version that focuses primarily on performance. Corrects many known bugs with Asuswrt’s stock firmware. *Only compatible with limited list of Asus models.*
To summarize them a final time;
- DD-WRT = Features
- Asuswrt-Merlin = Performance
- Tomato = Mix of both
- OpenWRT = All of the above
- Asuswrt = Not open source, and compromised, do not use.
Excellent article! I’ve been frustrated with my routers’ firmware (yes, plural) for coverage and performance. The last time I tinkered with DD-WRT, my router wasn’t supported, but now that the router has aged a bit, that’s changed. As always, I looked around for the alternatives and found your article.
One OpenWRT issue that doesn’t seem to be mentioned is with Broadcom wireless chip support. Per their page on the subject ( https://openwrt.org/meta/infobox/broadcom_wifi ), generally OpenWRT won’t do 5g on Broadcom routers. That’s a strong consideration for anyone with those widely used WiFi chips. A shame, too, since that seems like an excellent choice.
Thanks. I’ve usd DD-WRT and found it to be much better than any stock firmware even though at times I found it to be mildly “buggy” and “unstable” (still recommendable, however)… But your review told me exactly what I wanted to hear! I’ve been following OPENWRT but have avoided it, not only because it was a little too much for me to dive into (which is hard to admit with the amount of experience that I have) but just about the time I became interested in learning about OPENWRT the developers had a falling out, small “civil war” and then OPENWRT split into two camps over their differences. Now that OPENWRT has re-unified and the developers appear to have done a fabulous job improving the firmware on so many levels I’ve decided that its time to TAKE THE PLUNGE! Something tells me I’ll never look back!
PS It may not be “my place” to say this but being rather familiar with DD-WRT and having spent some time in the DD-WRT forums I can say, IMHO, that a few of the developers over at DD-WRT have some hefty personality issues and at least a couple of them have demonstrated obvious “anti-social” personality disorders, as defined by DSM-4 and DSM-5. In the years I spent over at DD-WRT I’ve never said a word about it, but now that I’m making the switch I feel more comfortable about expressing my opinion. I don’t mean to pick a fight with anyone or start a range war, its simply a conclusion based on observation and opinion. If you don’t believe me go over to the DD-WRT forums and check it out for yourself and try asking a few questions about “how to” or better yet make a suggestion!! I’ve never personally had any problems with the folks over there but I would admit that I took exception to way that some of the developers would respond to and address users who were either making reasonable suggestions or asking valid questions. I chalk it up to “burnout”, a lack of true civility and irresponsibility since it doesn’t take much to treat people with basic dignity and resect. At any rate, I ramble on. Thanks again for the review and best regards.
Um… maybe you shouldn’t be suggesting stock tomato anymore… Last time tomato was updated was in 2010!!!! Also asuswrt is more secure now, since the holes actually get patch up in a timely manner. I bet there are more vulnerability in the 8 year old tomato firmware than just updated Asuswrt. (Asuswrt’s last update was on 2017/11/01.)
DON’T GO TOMATO! (Unless it’s a shibby or other still developed fork)
What’s the best choice for me? I’m Down under and not sure if any of these will work here, at the moment I’m running NordVPN through my dodo ADSL2 stock standard modem and on 3 of my phones via WiFi and my nose runs faster!, 7 maybe 8 Mbps until I activate VPN, then it’s lucky to even load the Speednet.com App and if it does it times out!, 3 to 4 Mbps on a good day :(… Any advice would appreciated, Thanks inadvance… Garry.
The biggest problem using OpenVpn with a Tomato or DDWRT router is that data rates are about 20% compared to the same VPN running on android or a computer. Older router soc are not that good for VPN data rates.
OpenVPN data rate issues have nothing to do with firmware. Your router must have enough processing power to give you the proper speed. I believe the DD-WRT site will tell you how much processor speed you need for X throughput. OpenVPN requires lots of processing power (something like 800 MHz for 10mbps but don’t quote me)
My version 3 Linksys EA4500 has a Qualcomm Atheros QCA9558 soc with 128 MiB ram and flash. In my opinion Openwrt will be much better than DDWRT or Tomato especially with the ram and flash available on the EA4500 plus DDWRT or Tomato will not support this soc in the near term if ever.
I will use Openwrt when it is available since Tomato and DDWRT are too many steps behind supporting mostly older routers ,limited Soc and usually always have some bugs. Scripting is unavoidable anyway even when using DDWRT or Tomato since you will need to script in order to setup DNSMaq and OpenVPN properly.
Worth to mention AdvancedTomato – https://advancedtomato.com/
+ pros: amazing UI, stable
– cons: only few HW is supported
I use dd-wrt contrary to what’s been said already it’s actually not very hard to install or use it. I actually find some of the options in it very limiting, yes there is more leg room than the conventional crapware that comes as default with any router. It’s just that it’s not not enough, I have the dual band n router from Linksys and it only works with dd-wrt none of the other firmwares would work with it. So that is also something you should consider when installing open firmware, what actually supports your router and what might be the better trade off.
Thanks for the guide
let us suppose if i am going to use tp link router for broadband monitoring , which is better among the three open source firmwares?
Awesome quick-guide there. I have been a fan of Shibby’s Tomato for years now, but will have to check out OpenWRT. I tried DD-WRT as well but went for Shibby’s as DD-WRT did not have the same custom settings for the FTP server part of the firmware.
There must be something I have missed!
It seems DD-WRT and Tomato based on OpenWRT.
Doesn’t that make OpenWRT the preferable choice if you’re looking for stability and most updated?
If you don’t care much about the user-interface, why go for anything else than OpenWRT?
I think this article gets things upside-down and is nonsense.
Correct me if I’m wrong?
– DD-WRT is linux based and was released somewhere around 2005 when Linksys WRT54G was “the” router to own. As you probably know, the WRT portion of the firmware’s name is actually adopted from the Linksys router model number WRT54G. Some people argue DD-WRT is dead, but as of 2016, Linksys now sells routers with DD-WRT out of the box.
– Tomato is also linux based, but built off an early firmware called HyperWRT. It came a few years later in 2008. Tomato is known for being much more stable than DD-WRT, with a superior interface and graphical bandwidth monitoring. The lighter firmware gets rid of most of the fluff from DD-WRT, leaves the most important functions, and runs with less bugs. The downside is that the compatibility list is shorter, and there is less information available comparably to DD-WRT guides
– OpenWRT is the oldest open project having started in 2004. At its early stages, it was promising. Now it is the leading firmware with automatic updates, quick bug fixes, and an almost unlimited amount of possible functions that can be added as modules. Linksys has also started selling open routers that can install OpenWRT with just a few clicks. Compatibility list is ever growing, but it does require more resources.
Overall, it would be unfair to say that DD-WRT or Tomato are both useless as of now. If OpenWRT is not an option, either or of the two still greatly improve the security and performance of a network router. But it is true that OpenWRT has taken the lead, and should be considered first as it will only continue to get better.
I don’t know where you read that OpenWrt has only started in 2014, but the project’s initial release is from January 2004… (https://en.wikipedia.org/wiki/OpenWrt)
Thanks for the correction, our comments moderator has updated the information to avoid confusion.
Thanks alot, which one would you recommend for web user authentication?
Open WRT = Live updates, outdated software. NTY!!
Pretty good post.Thanks.
I agree on Open-WRT to be on top. You can pretty much can install anything that available in the repo. Try NGINX + FCGI or even Aircrack-ng + Reaver suite in your bloody router. 😀
Just bought a wrt1900ac the first thing I did is install dd-wrt. Dunno what the major difference is for user specific scenarios with the various firmware. But all I care about is the fact it works, its better than the crippleware the router came with. No issues that I can think of so it works for me.
great breakdown, i was really confused with all the firmwares. I bought a ASUS RT N53 and after dealing with their horrible customer service for like 4 hours, i finally got the answer, it doesn’t support open vpn client. URGH, so i was told about ddwrt and tomato, didn’t understand any of it. this article provided me with some good info. thanks!
OpenWRT is the way to go nowadays it has a very clear and transparent development schedule and lots of routers are supported, also the whole project offers lots of documentation. Setting PPTP is fairly easy.
It one needs a third party firmware for extending wireless network I really recommend checking Gargoyle, it’s build on OpenWrt but its web interface is really easy to setup, also very stable. It also offers plugins for PPTP (not stable, I don’t recommend)and OpenVpn, all very easy to setup. But for this advenced features, be sure to have 8mb+ ROM in your router.
I second that. I’ve been using DD-WRT before for 3 years. But, recently have switched my own way to OpenWrt for its constant updates and good forum contents. DD-WRT beta updates on SP2 eko has been stopped for about a year. Last updated was on Dec 2014. There are none update for 2015 which surprised me for some specific model which is still supported by OpenWrt (Chaos Calmer 15.05).
this article can be summarized by saying.
which router firmware is best?
the one you like.
seriously, no opinion at all?
I have been using dd-wrt for about 7 years and I never upgrade to the newest version. Chrome works fine in interfacing with it. It is the old linksys wrt54gl blue box circa 2000, but I have ordered a new linksys wrt54gl router twice in 2015, flashed it with the old ddwrt and am up & running in 10 min. Router never needs rebooting and rock solid stable.
The most recent build of dd-wrt for the wrt54gl is so old (2009) that it doesn’t even work with Firefox or Chrome, because those browsers refuse to use old unsafe SSL versions. I had to dig up Safari to even connect to my dd-wrt installation.
@jwb Again, dd-wrt is under constant development. You need only know where to look. Remember that dd-wrt is not meant for novices–you need to know how to log in to your router, manage your router, and update its firmware. Compared to that, navigating the website and forums of http://www.dd-wrt.com/ is relative easy.
>> The most recent build of dd-wrt for the wrt54gl is so old (2009) that it doesn’t even work with Firefox or Chrome
I agree.
In ranking DD-WRT vs Tomato vs OpenWrt for up-to-dateness, I would CLEARLY put OpenWrt first followed by Tomato (v1.28 from 2010), and put DD-DRT in last place. Just checkout downloads.openwrt.org/ for last month’s listing of OpenWrt’s Chaos Calmer 15.05
While DD-WRT’s widely referred-to Peacock Thread-FAQ http://www.dd-wrt.com/phpBB2/viewtopic.php?t=51486 and forums predominantly suggest sticking to routers’ stable versions ftp://ftp.dd-wrt.com/stable/dd-wrt.v24%20SP1/Consumer/ , these are all over a half-dozen years old!
DD-WRT updates are found in the Beta router firmware ftp://ftp.dd-wrt.com/betas/ , but for practical purposes, it can be IMMENSELY difficult to know which exact upgrades one really needs :/
Yes agree with all above. Thank you for taking the time to document this information. Exactally what i was looking for. DD-WRT it is so.
I think DD-WRT is getting too much praise. It has not been updated for many years. Give OpenWRT a try, the interface feels polished and should not be too hard for anyone already willing to flash an alternative firmware. Anyway, I just bought an Asus RT-AC87U and will try to stick with the Merlin firmware if possible. If I do change it will be OpenWRT.
Thanks for the feedback, I think it may be time to give it another spin!
@Arend dd-wrt is updated constantly. If you look at beta development, http://dd-wrt.com/site/support/other-downloads?path=others%2Feko%2FBrainSlayer-V24-preSP2%2F you will see many cuts of dd-wrt *every month*.
The development of the given link has no update for 2015. So,it’s not constant anymore but outdated. Compared with OpenWrt they have constant update on snapshot repo.
DD-WRT is dead, it died very long ago.
They never really supporter newer high performance router or did it way way to late often 2 years after their release.
their software is superduper buggy once you go on higher level network config like multiwan, vlan and so on
they put to much effort into nonsense features trying to make a router into a nas station wich makes no sense on any level.
devs are learning resistant and stubborn not listening to reason and logic
tomato in comparison is much more featurerich regarding networking and much more mature. only some very light bugs which got fixed very quickly
works very stable and relyable
but lacks of documentation sometimes 🙂
Great article, thanks. Although you have mentioned it, it should be emphasised that DD-WRT supports 100s of wireless routers compared to the other firmware. For those hesitant to try, you can pick up DD-WRT compatible routers on ebay for under $10. Then you have nothing to lose if you cannot manage to install DD-WRT (or brick the router). But if you’re successful, then you’ll be able to expand your wireless network by adding your newly created DD-WRT router. Go for it!
I have been running with dd-wrt for over a decade now and I have had lots of success and very minimal problems. Every couple of years I look for a new version but haven’t found any for quite a while. I saw listed in your article that a con for dd-wrt is “multiple builds and constant updates released.” Perhaps I’m just out of the loop, but where are you getting the constant updates? I check at http://www.dd-wrt.com; is there somewhere else I should be looking?
You’re right, official updates are sparse, thanks for the spotting the needed correction. However, there are various builds that can be compatible for the same router, such as Kong, Eko, Fractal Brainslayer, all available in different builds, which can cause confusion when trying to find the best one for your router. What should be underlined is the need to search for specific compatible and tested builds by router models / chipsets in order to avoid bricking or damaging the hardware.
Actually, there are many quite stable beta builds. For example, this year, to date, there are something like 43 builds. Of these, I’ve tried maybe 30 or so and found all to be quite stable. See the beta tab under Other Downloads, then pick any but the latest, search for your router, and download/install.
Yes. When you visit the web site. Read the forums for your router. It does take a little digging. You will find the main developers have their own FTP servers. This is where you will find all the updates. Some of it will depend upon the popularity of your router. But its not uncommon to find many updates for old routers. Good luck
DD-WRT updates are found in the Beta router firmware ftp://ftp.dd-wrt.com/betas/ , but for practical purposes, it can be IMMENSELY difficult to know which exact upgrades one really needs :/
DD-WRT has common updates/builds for the devices that are more popular its likely that your device is not as commonly updated because there is a smaller user base with it and DD-WRT.
Tomato if you want 5ghz working on your linksys e series router…
also, speed test seems to be nearly identical with wired connection as it does with tomato… with ddwrt speed test is about half… at least with my testing on a 50/50 fios connection…
Thanks I was struggling trying to setup a VPN with OpenWRT but since the web interface did not provided any help (LUCI), and I did not want to configure it through commands, I switched to DD-WRT and setting up the VPN was so much easier… thanks again for the comparison.
Setting VPN on Tomato is even easier and Tomato GUI is much cleaner also.
“Asuswrt-merlin = Third-party version by merlin of Asuswrt. Stripped down version of DD-WRT…”
Actually it’s a stripped down version of Tomato.
I have been looking around for information concerning 3rd party firmware. Love the common sense and efficiency in comparisons
Great info. Thanks!
Thank you for clarifying this. Never flashed a router but I need this for geolocating roku with PIA out of the US. Helped me to narrow down my search to ddwrt for my tplink wr841n router.
To V999.
Simply use a tplink router (they support L2TP Wan connections) cascaded behind your main router. Set up the tplink router to connect to your vpn provider using the L2TP connection mode built in the standard TP-Link firmware.
Then connect your roku to the TP-link router and voila…
NB: my main router is a stock ASUS router. My L2TP router is a 20$ tl-wr702n.
Hope this helps
I just got a Roku 3 I want to use it outside United States. I am buying the TP-link tl-wr702n to connected to.
Do I need to congifure my main router to L2pn in order for me to being able to watch roku US?