UPDATE! Remove the package luci-app-upnp and goodbye to the problem! (The Solution)
I have 3 routers: one with LEDE v17.01.4 (Netgear R7800), another with Tomato compiled by @kille72 (Netgear R7000), and one with DD-WRT v24 Build 21061 (E900).
I do not know why only via LAN to LAN and WDS I have packet loss and ping spikes. Example:
In League of Legends, every two minutes this happens: the movement of the game stops for a second and my ping goes up from 50 ms to 200 ms+ and then it starts to decrease.
Here I show you some tests I did:
(with SQM and without SQM, and I get the same results)
Good:
I have no problem
Modem > LEDE Router > Computer
Modem > Tomato Router > Computer
Modem > DD-WRT Router > Computer
When I connect the computer to the routers by Wired or Wireless, I have no problem.
LAN to WAN
Modem > LEDE Router > Tomato or DD-WRT Router > Computer
I have no problem by Wired or Wireless.
How I have it connected: LEDE (192.168.1.1 with the DHCP enabled) to Tomato or DD-WRT (192.168.2.1 with the DHCP enabled)
Wireless Client
Modem > LEDE Router > Tomato or DD-WRT Router > Computer
I have no problem by Wired or Wireless
How I have it connected: LEDE (192.168.1.1 with the DHCP enabled) and Tomato or DD-WRT (192.168.2.1 with the DHCP enabled)
Bad:
I have packet loss and ping spikes
LAN to LAN
Modem > LEDE Router > Tomato or DD-WRT Router > Computer
I have packet loss and ping spikes by Wired or Wireless.
How I have it connected: LEDE (192.168.1.1 with the DHCP enabled) to Tomato or DD-WRT (192.168.1.2 with the DHCP disabled)
Wireless WDS Repeater
Modem > LEDE Router > Tomato or DD-WRT Router > Computer
I have packet loss and ping spikes by Wired or Wireless.
How I have it connected: LEDE (192.168.1.1 with the DHCP enabled) and Tomato or DD-WRT (192.168.1.2 with the DHCP disabled)
Sounds like a DNS server issue [at least to me]. My guess is something to this effect is happening:
PC makes DNS request to Tomato/DD-WRT router
Tomato/DD-WRT router searches LAN for DNS, fails, searches again, fails, then shoots the request to LEDE Router
LEDE router sends the request to WAN, receives connection back, then the reverse repeats.
The reason it would go down in milliseconds is the traffic path would be learned for that ping attempt, but not for all others after it.
The reason it works with DHCP enabled on the Tomato/DD-WRT router would be because the DNS server on each would be processing the DNS request and correctly routing it.
It's likely the DHCP/DNS Server are one and the same on the Tomato/DD-WRT routers, and there should be a way to disable DHCP without disabling the DNS portion of the server.
I already tried but it does not work with 192.168.1.1 or 8.8.8.8 in the DNS section of Tomato/DD-WRT routers. LEDE has 8.8.8.8 and 8.8.4.4 from the first day!
Then I imagine LAN port of LEDE router to other router LAN ports... and/or via WDS from LEDE router to wireless LAN of other routers.
Is that about right?
ALSO: if that's right, then hopefully only DHCP is running on LEDE router and other routers have DHCP off... otherwise you may be fighting every few minutes to get a new non-compatible lease from random DHCP server.
I already discovered what was wrong!
It was the package luci-app-upnp
It works well in:
Modem > LEDE Router > Computer
But it does not work on LAN to LAN or WDS:
Modem > LEDE Router > Tomato/DD-WRT Router > Computer
If I deactivate Start UPnP and NAT-PMP, I have no problem. If I connect the computer via LAN to LAN or WDS, the movement of the game never stops for 1 second and my ping never goes up in League of Legends, Clash Royale, etc.!
I remove the package luci-app-upnp and goodbye to the problem! (The Solution)
Example:
I have connected the computer to the Tomato Router
Modem > LEDE Router > Tomato Router > Computer
LEDE (192.168.1.1 with the DHCP enabled) and Tomato (192.168.1.2 with the DHCP disabled)
Now I do not know how to open ports for Xbox One and PlayStation 4 in LEDE
UPnP should never be utilized and should be completely uninstalled from the router as it's a major security issue.
UPnP, like WPS [which should also never be utilized], is provided out of convenience to the user too... lazy (for lack of a better word) to spend a few minutes setting up port redirects.
UPnP is for WAN only and has zero function for LAN to LAN connections, i.e. there's no purpose to running UPnP on routers downstream from the WAN facing router as it will have no way to open WAN ports when it's receiving an RFC1918 IP address for WAN, hence your problem.
/etc/config/firewall
There may be specific games which require additional ports to be configured for port redirects.
Ports 465, 993, 3658, 5223, 6000-7000, 9293, & 10070-10080 may also need to be opened according to this write up.
When it comes to port redirects, less is better, i.e. do not blindly forward ports, such as the ones listed above, unless you find that you need to.
Additionally, extreme caution should be utilized when you see a wide port range, such as the 6000-7000 above, as there's no way a PlayStation [any version] requires a block of 1,001 ports for WAN access to other NAT2 devices.
Ports 53, 80 & 443 do not need to be forwarded, as the router will automatically allow access for DNS [53], HTTP [80], & HTTPS [443] traffic.
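
Added example, not part of the original thread: a shell function that reads an OpenWrt/LEDE `/etc/config/firewall` and reports any `config redirect` whose `src_dport` spans more than a set number of ports, such as the 6000-7000 range cautioned against above. The 16-port threshold, the function names and the sample config (including the `192.168.1.50` host) are assumptions constructed for illustration.

```shell
#!/bin/sh
MAX_PORTS=${MAX_PORTS:-16}   # assumed review threshold, not an OpenWrt default

audit_redirects() {
    # Usage: audit_redirects /etc/config/firewall   (or pipe a config on stdin)
    awk -v max="$MAX_PORTS" -v q="'" '
        function report(   n, p, lo, hi, count) {
            if (!inredir || opt["src_dport"] == "") return
            n = split(opt["src_dport"], p, /[-:]/)
            lo = p[1] + 0
            hi = (n > 1) ? p[2] + 0 : lo
            count = hi - lo + 1
            if (count > max)
                printf "WIDE %s ports=%s count=%d dest=%s\n",
                       opt["name"], opt["src_dport"], count, opt["dest_ip"]
        }
        { gsub("[" q "\"]", "") }                 # strip UCI quoting
        $1 == "config" {                          # a new section starts
            report(); split("", opt)
            inredir = ($2 == "redirect")
        }
        inredir && $1 == "option" {               # remember option -> value
            val = $0
            sub(/^[ \t]*option[ \t]+[^ \t]+[ \t]+/, "", val)
            opt[$2] = val
        }
        END { report() }
    ' "$@"
}

# Constructed sample (not from the thread); dest_ip is a placeholder host.
sample_config() {
    cat <<'EOF'
config redirect
    option name 'console-single'
    option src 'wan'
    option src_dport '3658'
    option dest_ip '192.168.1.50'

config redirect
    option name 'console-range'
    option src 'wan'
    option src_dport '6000-7000'
    option dest_ip '192.168.1.50'
EOF
}

sample_config | audit_redirects
```

On a router, run `audit_redirects /etc/config/firewall` and review each reported redirect before keeping it; set `MAX_PORTS` in the environment to change the threshold.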