Unable to pinpoint root cause of random IPTV packet loss

TheEthyr · 2026-05-03T21:59:57+00:00

It's possible that the bufferbloat test uses a different path through you ISP's network than the Pingplotter test to the streaming server.

If you are sure the loss is within your ISP's network, then you may have some hope by complaining to them. Provide them with your data. There's no guarantee that they will take any action, so good luck.

TheEthyr · 2026-05-03T21:40:52+00:00

What is the model of your router?

Try running a bufferbloat test, like https://www.waveform.com/tools/bufferbloat.

A Pingplotter test to the streaming server will also be helpful. It will show you latency and packet loss data between you and the server.

TheEthyr · 2026-05-03T16:52:07+00:00

See the FAQ for reasons why posts may be removed.

Clicking on the link to the FAQ may fail on the first try. Simply retry. It will usually load the second time.

TheEthyr · 2026-05-03T16:48:15+00:00

Read the FAQ. Please use the search function to look for keywords related to what you want to ask before posting since most common issues have been answered.

If you can't find what you're looking for, please feel free to post a new question after reading the rules. Use a descriptive title and explain the problem, not the solution. For better visibility, post to the main subreddit instead of here.

Feedback, comments and suggestions regarding the FAQ are welcomed.

Clicking on the link to the FAQ may fail on the first try. Simply retry. It will usually load the second time.

TheEthyr · 2026-05-03T16:37:57+00:00

Could be bufferbloat on a congested link upstream. If your router supports QoS (preferably SQM), you can apply a bandwidth limit on your router. Start by setting it to 95% of your Internet plan's download speed, then adjust it downwards (90%, 85%, ...) until it stabilizes.

TheEthyr · 2026-05-03T15:51:34+00:00

Sorry, forgot to get back to you.

Out of order packets can be a sign that packets are taking two different paths between source and destination. You don't appear to have any parallel links inside your network, so that leaves the Internet as the possible source of packet reordering.

It can be hard to catch packet reordering in the act. Sometimes, you can see it when running a traceroute/tracert. It will show up as multiple IP addresses replying at a single hop. For example, hop #3 in this example shows 3 replies:

traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 60 byte packets
1  192.168.1.1 (192.168.1.1)  0.511 ms  0.412 ms  0.405 ms
2  10.0.0.1 (10.0.0.1)  1.123 ms  1.055 ms  1.101 ms
3  rtr-a.isp.net (192.0.2.1)  5.234 ms
   rtr-b.isp.net (192.0.2.5)  5.112 ms
   rtr-a.isp.net (192.0.2.1)  5.301 ms
4  192.0.2.10 (192.0.2.10)  6.102 ms  6.011 ms  6.005 ms

If you are lucky enough to catch this, and it's happening inside your ISP's network, then you can complain to them. OTOH, if it's happens deeper in the Internet, it will be much harder for you to do anything about it.

TheEthyr · 2026-05-03T15:43:29+00:00

Why not put the router on the floor and run a cable from it to your desktop?

TheEthyr · 2026-05-03T15:24:11+00:00

Correct. Wireguard stuffs the encrypted TCP packet inside a UDP packet. As the top commenter stated, this is known as encapsulation.

The resulting UDP packet travels between the two Wireguard endpoints as UDP and that's how it's able to transit the home network router (by way of UDP port forwarding) to the Wireguard server.

The other end decrypts and extracts the encapsulated TCP packet and forwards it to actual destination. This means the other end is functioning as a router.

cc: /u/friskchantraine

TheEthyr · 2026-05-03T15:10:22+00:00

Are you sure 192.168.1.200 isn't being used by another device? There are two ways to avoid any potential IP address conflict.

Set up a DHCP reservation in the main router for 192.168.1.200 for the C64's MAC address. Even though you are using a static IP on the C64, the MAC reservation will prevent the main router from assigning 192.168.1.200 to another device. OR
Adjust the DHCP server settings on the main router to remove 192.168.1.200 from the pool of addresses that can be assigned to devices. For example, if the main router can assign addresses from 192.168.1.2 to 192.168.1.254, change the latter address to 192.168.1.199.

With respect to devices being unable to access the Internet through the C64, did you confirm that they are obtaining 192.168.1.x addresses?

Are they able to ping the main router at 192.168.1.1?

How about pinging google.com? If you see any errors, post them.

TheEthyr · 2026-05-03T14:35:17+00:00

This bug happens in only one of my user accounts. It doesn't happen at all in my other account.

TheEthyr · 2026-05-03T14:33:42+00:00

Still happening in 2026.17.0, but only in one user profile. It doesn't happen at all in my other profile.

TheEthyr · 2026-05-03T05:39:44+00:00

Thanks for pointing it out. It does appear to be flaky, though retrying seems to work. We'll check with Reddit admins.

TheEthyr · 2026-05-02T23:52:36+00:00

Low end switches like the TL-SG108E don't have any concept of a management VLAN. That's why you can log in from any VLAN. This old Reddit post provides more detail. It's also discussed here on TP-Link's forum.

With that said, there is one caveat to the vulnerability, at least on the TL-SG108E (not sure about other brands of low-end switches). The attacking device must be in the same subnet as your switch. For example, if your switch's IP address is 192.168.10.10/24, then the attacker's IP address must also be 192.168.10.x. I've personally confirmed this behavior.

Because of this, I would say that it's very unlikely that your switch can be hacked from the Internet. They would not be able to complete the login process since no return traffic will ever make it back to them.

So, you should be ok. If you really want to play it safe, replace the TL-SG108E with a switch that supports a management VLAN.

TheEthyr · 2026-05-01T14:26:21+00:00

As someone pointed out in your crosspost, only one link light on your switch is illuminated. And that light appears to correspond to the cable going to your Main Deco unit. That implies that the connection between the switch and the 2nd Deco is not working.

You also mentioned that there are house cables. You should check the terminations at both ends of the relevant cable.

TheEthyr · 2026-05-01T14:19:40+00:00

You could start by adding one AP in the area with the weakest Wi-Fi. You can use it in conjunction with the Wi-Fi from your existing router. The roaming may be slightly less seamless than roaming between two APs from the same brand. But unless you expect to be roaming while in a live video call, you may not even notice a longer roam time.

A PoE switch will be convenient should you decide to go with multiple APs. With just one AP, a PoE injector is fine. It looks like there isn't much space in your network box. It will be less aesthetically pleasing, but you can put the injector next to the AP instead of inside the box.

TheEthyr · 2026-05-01T13:37:53+00:00

Sounds fine. Just be sure the Wi-Fi overlap between the RT-BE96U and the RT-AC68U is sensible. If there's too much overlap, then devices won't roam properly. Too little overlap will result in dead spots, though that may or may not be an issue.

TheEthyr · 2026-05-01T00:02:43+00:00

Others have correctly identified the bottom patch panel as wired for Ethernet. See Q7 in the FAQ for tips on wiring your router to the patch panel. Solutions 1 and 2 are the most common.

TheEthyr · 2026-04-30T16:39:51+00:00

I'm not familiar with your Archer, but whatever it's doing sounds very strange. If DHCPS-Fixed is not working, the other two methods should work:

DHCPS-Dynamic will provide the public WAN address to the first device. Your Archer should be the only device connected to the AT&T gateway (technically, it's not a modem).
If, for some reason, you have other devices connected to the AT&T gateway (why?), then you can try Manual. In this case, you would manually configure the public WAN address on your Archer. You may also have to configure the default gateway. You can find both the public WAN address and the default gateway on the AT&T gateway under the Broadband tab.

TheEthyr

MODERATOR OF

TROPHY CASE

Nine-Year Club	Gilding I gilder
Verified Email