Slow WiFi upload speed when using Public IP on WAN

Hardware MikroTik hardware general
1

Greetings all

Ok so I was experiencing a slow WiFi upload issue (40 out of 100Mbps) on a multi-WAN setup - and there were too many variables, so I setup the router from scratch with only ISP1, using the following config below. It has exactly the same issue.

ISP1 details: (IP’s masked for privacy) - this is the ISP that gives the slow WiFi upload issue, with the config listed below.
Connect via: Public IP network range: 44.44.44.16/29
Fibre, SFP interface - 100Mbps download; 100Mbps upload.
Ethernet Speedtest: ± 100Mbps download; ± 100Mbps upload.
WiFi Speedtest: ± 100Mbps download; ± 20-40Mbps max upload.

ISP2 details: (not included in sample config, just mentioning this to show that the WiFi AP’s themselves aren’t slow. I don’t believe it is needed, the example below is the complete config I used to try and isolate the issue)
Connect via: PPPoE
Fibre, via FIbrre to Ethernet media converter - 1000Mbps download, 500Mbps upload.
Ethernet Speedtest: ± 1000Mbps; ± 500Mbps upload
WiFi Speedtest: 400+Mbps download, and 400+Mbps upload.

The following has been done

  1. Tested with 5 different WiFi access points on the router - UniFi AC Pro, UniFi AC outdoor, UniFi UAP, Cudy 5G, Tenda
  2. Tested with fresh SSID’s, with no other clients on the WiFi network.
  3. Disabled 2.4GHz WiFi - to test only 5GHz
  4. Tried 80Mhz and 40Mhz wide channels, non DFS.
  5. Tried different ports, cables, and PoE injector for the UniFi
  6. Checked WiFi interference
  7. Tested within 2 meters of WiFi access points
  8. Only used a single AP at a time
  9. Tested with different WiFi client devices.
  10. Used same Speedtest server
  11. Tested device to device with WiFiman app. This also confirms that the AP’s speed is not slow, as I also get around 400Mbps

Config Note: WiFi AP’s plugged into ether4 or ether5
Fibre into sfp1

# 2025-... by RouterOS 7.18.2
#
# model = RB5009UG+S+
# serial number = 
/interface bridge
add name=BR-ISP-fibre
add name=bridge1
/ip pool
add name=dhcp_pool0 ranges=10.1.1.100-10.1.1.254
/ip dhcp-server
add address-pool=dhcp_pool0 interface=bridge1 name=dhcp1
/interface bridge port
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
add bridge=BR-ISP-fibre interface=sfp1
add bridge=BR-ISP-fibre interface=ether1
add bridge=BR-ISP-fibre interface=ether2
/ip address
add address=44.44.44.18/29 interface=BR-ISP-fibre network=44.44.44.16
add address=10.1.1.1/24 interface=bridge1 network=10.1.1.0
/ip dhcp-server network
add address=10.1.1.0/24 gateway=10.1.1.1
/ip dns
set allow-remote-requests=yes servers=1.1.1.1
/ip firewall nat
add action=src-nat chain=srcnat out-interface=\
    BR-ISP-fibre to-addresses=44.44.44.18
/ip route
add check-gateway=ping disabled=no distance=1 \
    dst-address=0.0.0.0/0 gateway=44.44.44.17 pref-src="" routing-table=\
    main scope=30 suppress-hw-offload=no target-scope=10

I am pretty stumped at this point. Could it be an issue on the ISP side?

I would appreciate further insights or useful troubleshooting steps.

2

Couple of things I notice:

  • Why are you using a bridge on the WAN side?
  • Where is your firewall?
  • How do you want to use your different ISP’s?
  • How do you test?

Especially the latter is important.

3

Thank you for your reply.

  • The bridge is so that other devices connected to the router can also get a public IPv4. For the /29 subnet.
  • I removed the firewall when I tested with the simple script, to remove variables and ensure it wasn't that which was slowing it down.
  • I do believe this is beyond the scope of the question. They will be shared on VLANS.
  • I have so far tested with the methods I mentioned above - And the Speedtest I referred to was Speedtest.net - which always had a server close to the ISP selected.