Skip to main content
kRouter

Compare

Honest, side-by-side.

All five projects share roots in the same problem space: route LLM traffic between providers. They diverge sharply on what they prioritize. Pick by fit, not loyalty.

ConcernkRouter9routerOmniRouteLiteLLMOpenRouter
Cost & license
LicenseMITMITMITMITClosed source
Self-hosted (no data leaves your machine)Cloud only
Cost of the tool itselfFreeFreeFreeFreePer-request markup
Antigravity ban handling
Bootstrap metadata enum typeNumeric (matches binary)String (triggers verify 403)Numericn/an/a
Permanent-ban classifier24h modelLock___allGeneric 1h cooldown
Test-Connection clears every lock
Quota tracking accuracy
Live per-model quota %`||0` paints exhausted as 100% used
Exhausted vs 0% remaining distinctionAmber 'Exhausted • resets in X'Fake red 100% bar
TPM vs daily-quota disambiguation on 42990s TPM cooldown30m flat
Auto-extract wrapped Antigravity usage tokensAuto-backfills historical 0/0 rowsAll rows record 0/0
Routing & retry
Failover engine intelligenceZenith AI scoring (latency + quota mathematical ranking)Dumb fill-first sequential cascadeSequential cascadePriority sequential cascaden/a
Per-provider concurrency limitsKiro 4 · Claude 5 · Antigravity 2FlatTunableTunableProvider-side
Failover latency (RAM layer vs SQLite)< 1ms (Sub-5ms HealthCache RAM layer)~50ms disk lock per failure~10ms edge state~5ms Redis lockn/a
Atomic backoff under concurrencySQLite transactionRace loses increments
MITM intercept (IDE traffic)
MITM stream-layer reliabilityBounds-checked frames, NGHTTP2 → HTTP/1.1 fallbackStream errors as 'Truncated event message'Different design (edge/Deno)
Antigravity / Kiro / Cursor IDE intercept
x-request-source anti-loop marker preserved
Provider features
Thinking config preservation through blacklistTranslates Claude/OpenAI shapeBlacklist strips, never runs
ZWJ obfuscator skips binary fields (images)Corrupts inline_data → 400
Number of supported providers89+40+35+100+100+
Security
SSRF guard on baseUrl (blocks cloud metadata)Edge sandbox
Timing-safe CLI token compare
Per-IP brute-force lockout
Deployment
NPM package@sifxprime/krouter9routerlitellm
Docker imagesifxprime/krouterdecolua/9routerghcr.io/berriai/litellm
Update cadenceHardening fixes 24-72h after reportActive feature devActive independent devActiveActive

Which is right for you?

The honest take.

kRouter

You want the hardening — verify-403 fix, MITM stream recovery, atomic backoff, SSRF guards — without paying for it.

9router

You want the upstream and don't mind hitting the bugs the fork has already patched. Fastest feature cadence.

OmniRoute

You prefer an edge/Deno deployment story and a different MITM stack. Comparable hardening philosophy.

LiteLLM

You need 100+ provider breadth and don't care about IDE intercept. Enterprise SDK pattern.

OpenRouter

You want zero ops, are fine paying a per-request markup, and don't need self-hosting.