OpenWrt seems to dropping DSCP:0x20 [CS1] packets sometimes


I am facing with a strange problem for a while now.
sometimes websites are just stuck loading on my notebook, which is connecting to wifi.
this problem either disappears in a few min, or I have to reconnect to the wifi, and all good again. it happens like 2-3 times a day.

after a series of troubleshooting I have found that the TCP SYN/ACK from the remote server never reaches my pc. [some sites have this problem, like cnn, some like google no issue at all]

I can see the packet leaves the firewall trust interface, I also see the packet on the openwrt eth1.1 and wlan1 interfaces, but I never see it on my pc.

I did not have this issue with the stock firmware, but I remember seeing it with ddwrt on the same router bridge setup.

After playing around a bit, I realized this was not about the SYN/ACK packets, it was about all the DSCP:0x20 [CS1] packets. Now I set all incoming packets to DSCP0 on the firewall, so I hope this is solved, but I am wondering anyone seen anything like this before. might be HW specific, or some hidden but somewhere in the firmware that is triggered in my setup.

any thoughts?

Model: TP-Link Archer C5 v1
Architecture: Qualcomm Atheros QCA9558 ver 1 rev 0
Firmware Version: OpenWrt 18.06.1 r7258-5eb055306f / LuCI openwrt-18.06 branch (git-18.228.31946-f64b152)
Kernel Version: 4.9.120

interfaces are in bridge mode: eth1.1 and wlan1


WAN - disconnected
LAN1: uplink to firewall
LAN2: some device
DHCP: disabled
service : off

update: it has been a few days now, and the problem is completely gone since the QoS change!