Disclaimer: If you brick your router by hacking firmware as discussed in this article, I will NOT be held responsible.
Last Update: 2015-7-24
[2015 Note: This router is no longer my primary router. I have already upgraded to Netgear R7000.]
[2015 WARNING: Do not buy this router unless you are prepared to use Korean menus for the latest security fixes.]
TOTOLINK / ipTIME A2004NS is World’s Cheapest 5GHz / 2.4GHz Simultaneous Dual band Wireless 802.11ac 2T2R AC1200 (300Mbps N + 866Mbps AC) Gigabit Ethernet Router that I can find in 2014. What makes it even more surprising is that it has good routing performance despite its unbelievably low price. Before you read further, however, it must be emphasized that this low price is only available in a certain part of the world – China. In China it can be found for under USD40, and sometimes even less than USD30 if there is a promotion. (Note: there are even cheaper AC1200 routers as of this publication, but all of them do not have Gigaibit Ethernet, making AC1200 absolutely meaningless. Why would anyone want AC1200 WiFi to be linked with 100Mbps Ethernet ports, what’s the point?!)
I do not intend to do a traditional router review here. I would, however, summarize my findings based on reading nearly a hundred pages of forum discussions, several existing reviews, and my own experience. Links to relevant resources will also be provided.
TOTOLINK vs ipTIME
ipTIME A2004NS is the Korean version of TOTOLINK A2004NS router. They have the same hardware but the firmware is slightly different. Although I’m sure that the A2004NS units sold in Hong Kong and China at the time of this publication have four 4dBi external antennas (two for 2.4GHz, two for 5GHz), early Chinese reviews of A2004NS strangely mentioned 5dBi antennas instead. In Korea there is a Plus version of A2004NS that seems to have 5dBi antennas. Strangely in 2015 I see some non-Plus version of A2004NS also have 5dBi antennas.
Why it’s so cheap
It’s cheap because it uses a Realtek RTL8197D solution running at 660MHz with 8MB Flash and 64MB RAM, manufactured by OEM Zioncom in Shenzhen, China. Realtek products have been used in other networking equipment like LAN cards, motherboard built-in network port, or USB WiFi dongles for a very long time. However, Realtek-based routers are relatively new. Those who like to see the photos of the hardware inside can look at yesky page 4 and yesky page 5. (Other Realtek-based routers include: D-Link DIR-820L, DIR-825 D1, DIR-850L. Many others can be found in wikidevi.)
leotonch @ HKEPC reported that it uses cheap Chinese capacitors.
We live in a world where we’re monitored by everything. Chinese router backdoor like TP-Link is especially worrying, while an OEM of TP-Link advertises that they have no backdoor to monitor people! Not even American routers are safe.
Unfortunately, it is no exception with TOTOLINK. Known vulnerabilities include:
- Direct multiple RCEs against the routers which give a complete root access to the embedded Linux from the LAN side with a single HTTP or DHCP request ( partially(?) fixed in firmware 9.72(?) )
- Direct RCE against the router which gives a complete root access to the embedded Linux from the LAN side (fixed in firmware 9.58)
- Backdoor found in other Totolink routers (but not A2004NS)
In spite of the vulnerabilities, ipTime / Totolink should be commended for their quick response in releasing firmware 9.78 that fixes (some of?) these issues.
As a 2T2R AC1200 Gigabit Ethernet router with 1 WAN port + 4 LAN ports, and 1 USB 2.0 port, it has many features, some of which one may not expect from a lowest-priced router (standard features not listed):
- Hardware NAT
- VPN PPTP server (single login only, cannot be shared by multiple users at the same time) – instructions by echen @ HKEPC
- DDNS – In TOTOLINK English firmware 9.14, it supports the following types of DDNS: No-IP, ChangeIP, DtDNS, 2221.org, 3322.org, DynDNS. Note: ipTIME firmware does not support No-IP, it only has ipTIME DDNS and DynDNS.
- Support 131072 connections (good for P2P)
- Multiple SSID
- Repeater and WDS – instructions by echen @ HKEPC, TOTOLINK Chinese instructions (Note: chpyeung reports that WDS does not work)
- Wireless scheduler – 2.4GHz and 5GHz WiFi can be scheduled to turn off at specific times individually
- Firewall – includes features like protection against SYN Flood, Smurf, IP source routing, IP spoofing, ARP virus, and blocking of ICMP
- USB 2.0 storage – FTP, SMB and URL services
There are also some features that people asked about are missing:
- IPv6 (according to TOTOLINK Hong Kong)
- VPN multi-login
- USB printer server
- Scheduled reboot
- Built-in BitTorrent client to make use of the USB 2.0 storage
- TOTOLINK Wizard app for Android is not working with this router
Stability for a router is crucial. The majority of forum reports suggest that the router is very stable even with P2P going on. Although I cannot verify whether it really does support 131072 connections stably, I have tried about 2300 connections without any problem. wilson29 @ HKEPC posted a record of 159 day uptime:
(Note: one really early review claims 3 reboots in a 7-day period, but this is not reproduced by any other user report I’ve read, and is disproved by the above screenshot. It is most likely due to faulty hardware and/or early firmware issue, or a faulty power supply, which does look too cheap to be reliable. So I use my own power supply instead of the supplied one.)
However, there are some valid concerns in other areas:
- Weak wireless and associated wireless disconnections or instabilities: (specific to some users with certain devices, more on this below)
- VPN server: I’ve read two or three reports about the VPN server failing after running for a certain amount of time, until the router is rebooted
echen @ HKEPC measured the WAN-to-LAN routing to reach 900Mbps throughput, a very good result for its hardware NAT. Paying much more for an Asus AC-RT68U cannot yield much more throughput, because both are bound by the 1000Mbps Ethernet ports. Korean marketing material for this router specifies 2000Mbps NAT performance, meaning 1000Mbps for each direction in full-duplex.
[2015 Update: Even though A2004NS has proven itself to support P2P with perfect stability, a side effect is that all other clients except that P2P client may not get traffic even when the P2P is far from saturating the internet bandwidth. This is why I replaced it with R7000.]
Wireless Performance – Real World Results
[2015 Update] It’s been a long time since this router has become available cheaply. Many many users have tried it. The consensus is that its LAN routing is great, P2P is great, but the WiFi is weak. 2.4GHz is average to weak, and 5GHz is unstable, especially if passed through a wall. Here’s the real world WiFi performance of A2004NS compared to the best-in-class Netgear R7000 WiF using Nexus 5 (1T1R antenna only; new flagship Android phones and iPad Air 2 have 2T2R antennas should have double the throughput) as tested by wklie @ HKEPC in typical Hong Kong apartment with tons of interference from neighbors:
LAN -> WiFi transfer in Mbps: 5GHz A2004NS | R7000 straight line of sight 58-137 | 187-208 room door open 37-83 | 202-209 room door close 0-37 | 189-209 thru 2 windows 37-67 | 59-104 2.4GHz straight line of sight 41-46 | 58-89 neighbor 2-13 | 7-16
– Download using WiFi Speed Test app 2.1.8 on Nexus 5 Purity 4.4.4 ART
– This is LAN -> WiFi test (WAN and routing are not involved)
– A2004NS ipTIME 9.58
– R7000 V126.96.36.199_1.1.67
– tcpserver 2015-05-29 running on B85 Pro Gamer BIOS 2103 i5-4690K
– Same WiFi channels are set for both routers
– Same locations for both routers and test sites
– Each location is tested at least 6 times for each router
Wireless Performance – Lab Results
For reference, there are previous lab tests (with probably far less interference) which indicate better WiFi performance than the real world results above. Take a look at these links for the results. Although they are not in English, we simply need to focus on the numeric results:
Russian comparison of RT-AC68U, D-Link DIR-825 D1 and TOTOLINK (RTL8197D, so it should mean A2004NS)
I’ll extract the mcplive comparison table here. In these tables, point A, B and C refer to no wall, 3 meters 1 wall, 6 meters 3 walls respectively. In the first table, the left minor column is link speed, the right minor column is signal strength. In the second and third table, the left minor column is upload, and the right minor column is download.
Note: to connect 802.11ac or 802.11n WiFi properly the WiFi encryption needs to be set to WPA2PSK-AES (Recommended).
Quite a number of users experience WiFi disconnections (an Amazon customer review also reported this, but he also wrongly stated that the transmit power cannot be controlled – in fact the router allows setting 1-100% of Tx Power), especially at 5GHz. Some reported disconnection only with a specific smartphone but not other smartphones. I believe this is due to different environment of everyone, manufacturing variance, firmware version and settings (especially WiFi channel).
Known WiFi client incompatibilities:
- Atheros chipset-based clients
- Sony Xperia Z Ultra
If you experience wireless disconnections, try these:
- Choose a different WiFi region (e.g. USA/Canada) and channel (some 2.4GHz clients simply do not support a channel higher than 11. Use a <100 channel for 5GHz.)
- Use a different band of 2.4GHz / 5GHz
- Normally, the encryption should be set to WPA2PSK+AES. You may try other encryption types if you experience incompatibility issues, but beware that they may decrease the throughput, especially WEP or TKIP.
- Reset Tx Power back to 100% (if you have previously lowered it)
- Switch to a different line of firmware (see below)
- Place the router at a different location, preferably in a direct line of sight with the clients
If the wireless client is an Android smartphone, change these client settings as well:
- Keep WiFi On during standby
- Disable Bluetooth
- For Sony Xperia, turn off Settings > Power management > STAMINA mode
If the wireless client is a computer or adapter:
- Disable Power Saving (for some adapters this can only be done in device driver advanced properties)
- Update the drivers
- Change the WiFi region to match the router
It needs to be emphasized that the antenna orientation you see in all photos of this router is wrong, including the one at the top of this article, and the ones on the packaging and all marketing materials – all those photos show that the four antennas stand vertically, causing interference among each other. Discovered by vdx @ HKEPC, the correct orientation can only be found in the online user manual, which states the antennas should be placed at an angle. Even the printed quick setup guide that comes with the units sold in China does not mention it.
WAN Compatibility and Disconnection Issues
A WAN DHCP compatibility issue that has been reported is with (specific modem or setup of) PCCW. To resolve this compatibility upgrade to firmware 9.22 or later.
Some people experience WAN disconnection with A2004NS, but this is easily fixed. The default “Restart DHCP client if the physical WAN link is reconnected” must be turned off if you experience this problem, e.g. for Hong Kong Broadband (HKBN). Interestingly enough, HKBN’s own guide (in English or Chinese) for this router state the opposite – which is wrong.
In addition to the above settings for wireless connections, I have the following suggestions:
- Attach extra rubber feet to improve ventilation
- Use a better power supply to replace the original DC 12V 2A.
A2004NS Firmware Information
No, there is no third party firmware currently. (Check out OpenWrt forum for links to OpenWrt SDK for Realtek.)
However, there are 2 branches and 3 languages of firmware options, resulting in 4 different kinds of stock firmware to choose from:
- TOTOLINK English (Almost always less new than ipTime Korean version)
- TOTOLINK Chinese (Very few and old versions only)
- ipTIME English (up to 9.58 only, no longer provide English version newer after 9.58)
- ipTIME Korean (all versions)
The ipTIME firmware contains more Korean-specific features such as a cloud service, and a web site filter that requires a paid subscription. There are other minor differences as well, such as LED control, DDNS settings, and support for a few more accounts in some services. ipTIME firmware also enjoys a very frequent update in the past 12 months. Strangely, in spite of the router being made in China, there is no update for the Chinese firmware so far since the release of its first firmware dated November 2013. This accounts for worse opinion of this router from mainland Chinese user forums than Hong Kong forums. So there may be some merit when the product claims to be “Designed in Korea”.
The TOTOLINK Chinese and English firmwares are interchangeable. The ipTIME Korean and English firmwares are also interchangeable. To change from TOTOLINK to ipTIME firmware, or vice-versa, it requires hacking the firmware .bin files. If you brick your router by hacking firmware as discussed here, I will NOT be held responsible. If you do brick the router, try the recovery procedure and post your result.
A2004NS Firmware Hacking
This method is discovered by wilson29 @ HKEPC, my interpretation as follows:
- ipTIME English and Korean firmware files contain the string “a2004ns” (hex 61 32 30 30 34 6e 73)
- TOTOLINK English and Chinese firmware files contain the string “za2004s” (hex 7a 61 32 30 30 34 73)
- To change from TOTOLINK firmware to ipTIME firmware, hex edit the target ipTIME firmware to use the “za2004s” string. wklie @ HKEPC provides this hacked ipTIME 9.22 firmware, hacked ipTIME 9.20 firmware, hacked ipTIME 9.18 firmware. wilson29 provides a hacked ipTIME English 8.92 firmware. After doing this one may update to future ipTIME firmware without further hacking.
- To change from ipTIME firmware to TOTOLINK firmware, hex edit the target TOTOLINK firmware to use the “a2004ns” string. supergag @ HKEPC provides a hacked TOTOLINK English 9.14 firmware here. wilson29 provides a hacked TOTOLINK Chinese 8.84 firmware here.
After switching between TOTOLINK and ipTIME firmware, a factory reset is required. To minimize confusion web browser cache should be cleared and the browser should be restarted.
Note that TOTOLINK English firmware has default router IP address of 192.168.1.1, but other firmwares have default router IP address of 192.168.0.1.
Firmware recovery using Windows 7
This section is based my understanding of ipTIME web site generic firmware recovery instructions for (all?) ipTIME routers using Google translate.
- After a failed firmware upgrade, the power LED will flash On and Off on boot up.
- Download several TOTOLINK and ipTIME firmwares to C:\
- Install TFTP Client: Control Panel -> Uninstall a program -> Turn Windows features on or off -> tick TFTP Client -> OK
- Set static IP 192.168.0.2: Control Panel -> Network and Internet -> Network and Sharing Center -> Change adapter settings -> right click Local Area Connection -> Properties -> Internet Protocol Version 4 -> Properties -> set static IP address as 192.168.0.2 and subnet mask as 255.255.255.0 -> OK
- Turn off any firewall or anti-virus on Windows
- TFTP upload: Windows Start -> type “cmd”. In command prompt, type “cd \”, then type “tftp -i 192.168.0.1 put firmware.bin” where firmware.bin is the firmware downloaded previously. If your unit is manufactured with TOTOLINK firmware, try the TOTOLINK firmware first. If you bought it in Korea, try the ipTIME firmware first.
- After “Transfer successful” is printed, wait for 5 minutes for the firmware to be recovered.
- If it does not work, retry with a different firmware
ipTIME A2004NS Firmware Change Log (via Google Translate + human guesses)
[This section is no longer maintained.]
◾ Fix transmission delay with instant messaging KakaoTalk app when using 5GHz WiFi
◾ Fix intermittent internet dropouts
◾ Change default channel for wireless to Auto
◾ Fix Intel AC7260 chipset compatibility issues
◾ Fix “notice / advertisement feature” when using the OK button is invisible in some smartphones
◾ Change “limited Internet access” rules to take precedence in Mac filtering
◾ Fix Cloud Backup Services when using PPPoE and ipDISK
◾ Fix WAN port forward or DMZ setting is not accessible through Windows sharing
◾ Fix MTU values are not saved
◾ Fix 5GHz wireless networks with multiple setting of 802.1x
◾ Fix TWIN IP setting error when internal IP is changed
◾ wireless driver updates
◾ [Connection Guide] / [MAC Address Authentication] Fix broken hostname
◾ USB storage devices -> Settings UI upgrade
◾ Fix FTP server to handle 4GB or larger files
◾ Add ipTIME Cloud Backup feature
◾ Add [ipDISK / FTP server] and [Windows File Sharing Settings] in multi-user (up to 5 ID) function and “read-only” or “read / write” permissions settings feature
- Fix twin IP PC to the Internet
- Fix version 9.04 Notice / ad pages cannot be accessed
- KISA-related security patches
- Fix web site blocking registration UI error
- Add web site blocking service by Plantynet (paid subscription required)
- Add 802.1x based enterprise security features
- Improve UI for the following areas:
Wireless Settings / Security
Multiple wireless network
MAC address authentication
[USB Storage] -> [Services Settings]
- Remove Wireless On options from Wireless Schedule
- Remove unused WPS Settings options
- Wireless Driver Updates
- Fix system reboot if Wireless Bridge mode is used in 8.90
- Fix [IPTV Set] to [public IP address used by IPTV]
- Wireless / Wired driver updates
- IPTV function menu navigation [NAT / router settings -> Other Features Settings] → [Special Features -> IPTV Set] (This function is used for IPTV set-top box, which must be connected to port 4.)
- Reduce time needed to connect the first bridge (1 minute -> 15 seconds)
- Change UI “Network key” -> “Network Password”
- Change Wireless Wizard authentication methods and encryption-related text position
- Fix 5G wireless settings automatic channel set up in channel list
- Fix AP mode to use (WAN port unused) IPTV watching
- Fix twin IP in 8.88/8.86 version
- Fix USB HDD sometimes not recognized at boot time
- Add wireless scheduler
- Add Dynamic Channel Change
- Add SNMP Agent
- UI changes for wireless settings
- Fix Administrative Tools web pages cannot be connected with particular settings
- Fix trigger port
- Fix Hex WEP KEY input method other than the primary key value of 1
- Change default: WAN port DHCP functionality of the physical link disconnection detection restart -> ON
- Wireless Driver Updates
- Fix 2.4GHz Wireless Auto-channel operation
- Fix 5GHz channel 165
- Wireless Driver Updates
- Fix Multicast in AP mode patches
- Fix Mobile ipTIME WOL APP initializing the login password of the router
- Fix wireless mode G & B cannot be set any more
- Fix DMZ is not connected internally to the external IP in 8.70 or later
- Log IP address of the PPTP Client
- Add USB HDD “Device Removal” button
- ExFAT File System Support
- ipDISK service port so that you can manually add UI features ([USB Storage] -> [Services Settings] -> service port)
- Fix ipDISK service settings, and then restart the system when the connection is not smooth NAS Drive
- Support FTP resume
- Allow SAMBA access to USB hard disk in VPN connection
- PPPoE connection speed improvements (max speed: 300 Mbps)
- Fix [NAT / Router Management] -> [Other Features Settings -> Internet Sharing feature
- Fix Router checkbox in the UI looks too small in IE 10.0
- Fix Internal Network Information “use your IP address information,” the wired / wireless information may not be accurate
- [USB Storage] -> [Services Settings] -> [ipDISK (FTP) Service Settings] Add Chinese character set
- [USB Storage] -> [Device Management] have been removed from the device if the device is reusable
- Fix WiFi errors with smartphones
- Fix Windows user ID to set up file sharing service for English Windows7 / 8 in connection
- News / advertising feature
- Add QOS [traffic management] -> [QOS Settings]
- Add [5GHz Wireless LAN Administration] -> [Wireless Advanced Settings] LDPC and STBC option (default ON)
- Change [Traffic management] -> [link Settings / Information], LAN Port 1 to 4 appearance
- [USB Storage] -> [Services Settings] ipDISK (FTP) service to set the default character set to EUC-KR