DD-WRT vs OpenWRT vs Tomato: Which one is the best firmware for you?

Consumer routers are all shipped with great hardware, but with limited functions. For many, these limitations are a great source of constant irritation. In such cases, third-party firmware solutions become the only option. This post will compare the three main custom firmware: DD-WRT vs OpenWRT vs Tomato

dd-wrt vs openwrt vs tomato

But at first, I must explain some limitations of original firmware for more understanding:

Limitations of manufacturer firmware

  1. Limited coverage: Shorter coverage radius for a wireless network drastically reduces network speeds for clients located further away from the wireless router. Most of them have max transmit power of 20dB (100mW).
  2. Bandwidth control: With stock firmware, network clients are left to their own means on how to distribute the bandwidth. It is also important to prioritize the types of data being transmitted. Clients such as online gamer, VoIP phones, streaming content, for example, require higher bandwidth as compared to those receiving email, or browsing the web. How could you receive an important email while all the bandwidth has been captured by a gamer? This feature is known as Quality-of-Service (QoS) – each service can be granted an access priority – and stock firmware does not support it by default.
  3. Limited security features: With network threats increasing by the day, the stock firmware has to receive updates regularly. Unfortunately, many vulnerabilities take long to be resolved. This is especially so for aging router models, which receive little to no support. In 2014, a security bug in ASUS routers allowed attackers to access the devices from anywhere remotely. Some big player such as Juniper has admitted that its firewalls have backdoor since 2012.
  4. No bandwidth consumption tracking: Most firmware shipped with your device are not capable of tracking bandwidth hogs. This might be an important aspect for networks where clients are assigned bandwidth quotas.


Benefits of custom firmware

There are many reasons you should consider installing a custom router firmware. If you installed a custom firmware on your router, here are some benefits:

1. Optimize bandwidth

As network devices increase – and they usually do, speed becomes a critical consideration. This is because bandwidth has to be distributed more efficiently for each client. Without proper optimization, users can become frustrated with the low speeds experienced. Not each client requires high speeds though. Custom firmware enables tweaking of the bandwidth so that each client get sufficient speeds according to their needs.

2. Increase coverage

Custom firmware is well known for its ability to extend the reach of Wi-Fi signals. This reduces the number of dead spots in your network, as well as reduces hardware costs. This is because you do not need to purchase new routers to extend your network or repeat signals.

3. Allow optimization of particular features

The most important feature that is optimized by custom firmware is stability. For any business that requires access to the Internet, this can be an expensive exercise, when clients are denied access for any amount of time. Most consumer grade routers require rebooting every so often due to performance issues. With Linux-based firmware (custom firmware), this becomes a non-issue.

4. Better LAN security

If it is required of the network administrator to limit access to content on a LAN (Local Area Network), then the custom firmware is the sure way to go. Setting up access restrictions can be used to dissuade personal use of network resources as well as parent control.

5. Port mapping

Routers hide LAN devices from the outside world. Using custom firmware, one is able to make a device accessible to external devices. Open ports are frequently used by gamers, VoIP phones and security cameras that require being partially or fully exposed.



There are many custom firmware available out there, but these guys are the most popular:


Developed in Germany, DD-WRT is an extremely popular Linux-based, open source firmware. Its prevalence is due to its support for hardware developed by many different manufacturers as well as being stable. Asus, D-Link, Linksys, Netgear and TP-Link, just to mention a few, can all run DD-WRT. The firmware enables a limited consumer grade router to shed off its limitations in favor of business-grade-like functionality.


a. Enterprise-class monitoring 

This is a broad feature that encompasses features allowing users to further tune bandwidth use, by studying user needs of the concerned network.

b. Improved Quality of Service:

DD-WRT allows the administrator to better manage available bandwidth. Traffic can be broken down into smaller manageable units. You also have more control over data from different applications. As such you can set different sets of data with different priority levels.

c. Shorter DNS lookup wait

With DNS (Domain Name Service) cache enabled, the conversion of a website address into an IP address (lookup) takes a shorter amount of time. DNS queries are stored on the router’s memory. Future queries do not necessarily need to be resolved by your DNS server as your DD-WRT router would be able to resolve it from memory.

d. Addition of backing storage

DD-WRT allows NAS (Network Attached Storage) devices to be attached to the router. This implies that flash memory and hard drives can be attached and used for storage by all members of a network.

e. Addition of printers

Adding network printers is a great way of cost cutting. Without requiring a printer attached to each network client, one is able to save on hardware costs. DD-WRT support the addition of printers, that remain accessible to all network users.

f. Wi-Fi extension

By adding wireless signal repetition as a feature on your router (wireless bridging), you benefit by extending the Wi-Fi reach of your network.

g. Wake-On LAN feature

This is a feature that allows network devices to be switched on remotely via their NIC card. Other than devices such as servers, there are very few devices that require to be switched on throughout. Booting devices switched off does not have to be done manually as WoL is supported by DD-WRT. You will be required though to enable the feature on your network client as well.


a. Voids warranty

As with any other third party firmware, DD-WRT is not part of the manufactures warranty. Therefore bricking your router while trying to flush out its original firmware would be detrimental to say the least.

Fortunately, many companies have shipped routers with factory-installed, customized versions of DD-WRT (Buffalo Technology is an example). If you want warranty, please purchased from them.

b. A little bit of difficulty to setup

Setting up all these advanced features can be complicated and time consuming. Nonetheless, this would be a small price to pay for the convenience of full access to your hardware. With numerous tutorials and online communities, there is hardly a topic that would lack a solution.

c. Stability can vary.

With lots of features and the exist of multiple builds, the stablity of the router can fluctuate.


2. Tomato

Tomato is an alternative to DD-WRT. It therefore provides most of the great features of DD-WRT. It is most preferred where a lightweight Linux based firmware is required. Just like the other custom firmwares, Tomato turns an ordinary, consumer grade router into a business grade router with an advanced feature set. In contrast to DD-WRT, Tomato provide better balance between performance and features


a. More stability and better performance than DD-WRT.

b. Easy to setup and use

c.  Better network monitoring tools

It has better monitoring functionalities compared to stock firmware. Monitoring bandwidth by IP can be used to identify devices that are heavy bandwidth users. You can even monitor bandwidth consumption on a 24-hour basis. This is presented as a neatly packaged graph recording all network activity.

d. Quality of Service

l allows the administrator to prioritize traffic or types of data. Usually services such as streaming, video conferencing and VoIP calls require uninterrupted connections. They are more affected by dealys in packet arrival than say a loading webpage or incoming email.

e. Bug fixes

Tomato firmware has fixed many of the bugs and vulnerabilities found in all major stock firmware.

f. Increased Wi-Fi strength

Since it supports adjustable antenna transmission strengths, it enables one to increase the radius of a wireless network.

g. Access restrictions

Working hand in hand with monitoring tools, setting access restrictions ensures that clients who exhaust their bandwidth quota do not continue hogging the network resources. Coupled with a user-friendly interface, setting up access restrictionsis a job even for the novice.


a. Supports fewer devices

This is its biggest letdown. Unlike DD-WRT, Tomamto lacks support for many router models.

b. Fewer solutions documented

Compared to DD-WRT, there are far fewer documented solutions. This implies that you might be left to your own means from time to time when you encounter firmware problems.


3. OpenWRT

OpenWRT has quite a different approach to customizing your router. Instead of having a one-solution-fits-all approach, as seen in DD-WRT, OpenWRT only provides an environment in which other packages can be added. This means that other than providing the bear minimum, it also is a fully customizable firmware that allows the user to only pick the features they like. It too is built around Linux and even contains a package manager.


a. Customization

As mentioned, OpenWRT users only install what features they need. Without the bloated software, it becomes easier to manage the selected features.

b. Supports the broadest base of hardware

If you can not find any custom firmware from others, OpenWRT may have one for you.

c. Security features

Unlike other custom firmwares, OpenWRT allows administrators to access and install many security tools on a router. This range from encryption tools to VPN packages. VPN ensures that communication between clients in geographically separate locations remains secure.

d. Great price of Free!

At only $0.00, there is not much to complain about on the pricing.

f. Server software

Through the package manager (Opkg), it is possible to turn your router into a server. Ability to convert your router into an IRC or web server is a great way to cut on utility and hardware costs. It is also possible to setup your router as a secure shell (SSH) server, allowing access via a terminal from anywhere in the world.

g. Virtual Private Networks (VPN)

With OpenVPN on an OpenWRT router, you can share a VPN account with other network users. It is important to note that you can achieve better VPN speeds using OpenWRT than most other firmwares. Needless to say VPN attracts numerous benefits such as granting access even to geographically blocked content and communicate with people around the world with minimal risk.

h. Separating network traffic

OpenWRT supports creation of subnets or routed clients. This is helpful in separating your users into smaller and manageable networks. This feature is commonly used for separating users on a wired network from wireless LAN.


Not as user-friendly as other firmwares

Many users find DD-WRT a lot easier to use than OpenWRT. By default, OpenWRT support Command Line Interface (CLI) only. As such OpenWRT is preferred by experienced users such as network administrators, advanced users… So, it is not for popular users.

In a short conclusion, OpenWRT has a lot going for it. SSH support, QoS, VPN and the ability to host server applications make it quite an attractive offer. Though open to debate, its light weight nonetheless makes it more agile than most other firmware. With over 600 router models listed as supported, it is just the most popular. You will be required to be tech-savvy to have a smoother experience with the platform.



Finally, if you are still wondering which firmware will be the best, just follow these simple rules:

  • DD-WRT = Features + quite easy to install and setup through web interface. Recommended for users who need a lot of control over the network (admins, engineers…).
  • Tomato = Less features than DD-WRT but offers better stability, lightweight and overall performance. Setup is easiest through web interface. Recommended for users who prefer a lightweight alternative to DD-WRT.
  • OpenWRT = All of the above, customizable, but it is hard to setup, require linux skill and using command line interface. Recommended for advanced users.

I have used most of them for my work, and OpenWRT is my only choice now. With OpenWRT, I can do everything that I need, VPN, Firewall (iptables), web interface (LUCI)… and even a IP-PBX. But as mentioned above, DD-WRT and Tomato are a good choice also. DD-WRT vs OpenWRT vs Tomato, which one is  for you? It depends on your need. Now it’s time to download your firmware and start installing:

1. Download DD-WRT firmwares

2. Download OpenWRT firmwares

3. Download Tomato firmwares

If you feel installing a new firmware is some kind of risks, you could consider to purchase a pre-installed one from many vendors.

Recommended routers for custom firmware

For your interested, here are some best wireless routers that you can custom firmware:

Most powerful router

LINKSYS WRT3200ACM – Built with 1.8GHz dual-core processor, 512MB RAM, 256MB Flash, it is compatible with both DD-WRT and LEDE ( a fork of OpenWRT). You can download it’s DD-WRT firmware here

Fastest router

ASUS RT-AC5300 – This router has an impressive design, with 8 antennas looks like a crab. But the most important is its technologies inside: MU-MIMO, 1.4GHz dual-core processor, 256MB RAM and 128MB flash. It is perfect for DD-WRT

Best value router

LINKSYS WRT1200AC – It is a superb router for years, many vendors provide it with pre-flashed DD-WRT firmware, and appears in our list of best wireless routers under 100 dollars. It has 1.3GHz dual-core processor, 256MB RAM and 128MB flash.


One Comment

  1. My mum loves Advanced Tomato and uses it to monitor the network. Everything is running smoothly, I helped her to flash! 😀


Post Comment