Yup, my network card limitation. Can only support up to 1Gbps. But still at least speedtest I should get 999Mbps. haha

Yes normally you will slightly more than subscribed. Looks like this is a more conservative tune. A variance of about ±5% is typical amongst ISPs but for Unifi this is rather uncommon. Get a technician to come configure again maybe.

Wait a minute, TP-LINK AX6600.right? I assume the 2.5G port is used for WAN, and you connected wired or wireless? The 3 LAN port is only 1G ports so 930+ is normal take into consideration of internal lost.

.
AFAIK: .......

Since PM6 Najib's era (2009- ), the ISPs have been doing DNS blocking/filtering and DNS hijacking. How.?

By default, Internet subscribers use the DNS servers provided by the ISPs to find the IP address of the website they intend to visit. When the ISP (as instructed by the government) wishes to block a website from their subscribers, the IP address of that blocked website is filtered/blocked by the ISP's DNS server.
....... This DNS blocking/filtering can be bypassed by the subscriber manually selecting a Private DNS server in his/her OS Settings or Router Settings, eg Google8888, Cloudflare1111, AdguardDNS, OpenDNS, Comodo, Level3, AlternateDNS, etc.
....... The ISP can then stop this bypass method by doing DNS hijacking of the popular Private DNS servers, eg Google8888, Cloudflare1111 and AdguardDNS. MCMC called this DNS redirection(sic), not DNS hijacking. Less popular Private DNS servers were not hijacked. This was put into effect for all the ISPs by MCMC in early Aug 2024.

Again, this DNS hijacking can be bypassed by the subscriber manually selecting (encrypted) Secure DNS or DoH (DNS over HTTPS) in his/her browser Settings or by him/her manually selecting DoH or DoT or etc in his/her Router Settings.

So, on 4 Sep 2024, TM Unifi Fibre stopped this Secure DoH/DoT bypass method by doing IP blocking/hijacking (or BGP hijacking.?) of the popular Private DNS servers, eg hijacking the IP addresses of Google8888, Cloudflare1111, Quad9999, AdguardDNS, etc.. This affected many professional workers and businesses who were unable to connect to the Internet or www, unless they or their IT Admins have manually changed their Secure  DoH or DoT servers to the less popular Private DNS servers, eg NextDNS, ControlD, etc, or were using a VPN or Proxy-server.
....... Hence, after some pushback, on 10:10pm, Friday, 6 Sep, MCMC instructed TM and the other ISPs to stop their IP blocking/hijacking and DNS hijacking - temporarily.?.

Presently, it's back to before early Aug 2024, ie only DNS blocking/filtering on the ISP's DNS servers of "undesirable" websites is in place.
.

Note that the ISPs can do further blocking with Deep Packet Inspection, spyware, keywords filtering, etc, ala the Great Firewall of China of the CCP. .......

https://en.wikipedia.org/wiki/Great_Firewall
.

I see, so I have to open Chrome and find the secure DNS setting, enable it?

Yup, 2.5G port for WAN. Connected using LAN cable to my PC. But I think the limitation is with my network interface card on my PC. The max can go 1Gbps.

Assuming, your router is Archer GX90 as TP-Link has a fewAX6600 rated routers...
1× 2.5 Gbps WAN/LAN Port
1× Gigabit WAN/LAN Port
3× Gigabit LAN Ports

The connection between the ONR/modem and your router will be 2.5Gbps BUT the connection between your router and your PC will be limited to 1Gbps.

When the LAN ports are all 1Gbps, the max speedtest results will be  ±940 Mbps.

Yeah, so technically if i change my network interface card on pc to a higher speed model, theoretically I can get more than 940Mbps on the speed test right?

No, both your router's LAN ports and PC network interface must be 2.5Gbps.

Eg. this router's specs below...
1 x 10Gbps for WAN/LAN ------to ONR/modem ✔
1 x 2.5Gbps for WAN/LAN ------to ONR/modem ✔

1 x 10Gbps for LAN -------to PC ✔
3 x 2.5Gbps for LAN -------to PC ✔

1 x RJ45 10/100/1000Mbps for LAN -------to PC ✗

Means i need to buy a 2.5Gbps network interface card

Yup, 2.5G port for WAN. Connected using LAN cable to my PC. But I think the limitation is with my network interface card on my PC. The max can go 1Gbps.

Means i need to buy a 2.5Gbps network interface card

Not just your card. It's the 1G port on the router too. Your speed is limited by it. Nowadays there are plenty of cheap 2.5G switches from AliExpress. It's something you can consider if you ever consider getting wired connection to your devices, ie wifi 6E/7 APs, computers etc. But kinda moot because you only have a single 2.5G port.

You need to buy a new router with 2.5Gbps or faster LAN ports and a 2.5Gbps network interface card.
Eg. for TP-Link the only router that has 2.5Gbps or faster LAN ports is the Archer GE800.
1× 10 Gbps SFP+/RJ45 Combo WAN/LAN

1× 10 Gbps WAN/LAN

4× 2.5 Gbps LAN  <<<================

I think my router is OK dy. It supports 2.5Gbps

What is the exact model of your router?

You need a new router.

This router only supports 2.5Gbps on the WAN side.
It only has 1Gbps on the LAN side.

1× 2.5 Gbps WAN/LAN Port <<========= ✔
1× 1 Gbps WAN/LAN Port

BUT

3× 1 Gbps LAN Ports  <<=========== ✗

When I went to TMPOINT last week, I play-play saying I want to terminate because I already registered with Astro Fibre. hehe. Maybe that's why they can approve immediately.

Just want to share some info regarding this matter because I already saw the current internal pdf for the current offer. Some nice and polite TM staff from TM point showed me.

The 300Mbps RM99 (excl. tax) and 1Gbps RM159 (exl. tax) are part of Tier 3 and Tier 4 offer. TM made these Tier 3 & 4 offers specifically to counter offer Maxis or other customer that want to switch to other ISP.
I saw only 300Mbps and 1Gbps on the table for Tier 3 & 4. Other speeds are left blank, means no offer.

I saw some keynotes below the table stated that after 2 years contract finish, The Tier 3 & 4 offers will auto change speed meaning 300Mbps will become 100Mbps for the RM99 (excl. tax) and 1Gbps will become 500Mbps for the RM159 (excl. tax) packages respectively. So that is the catch for Tier 3 & 4.

For the Tier 2, it is the normal SWU we already know about. For example , if 300Mbps RM129 (excl. tax) will be reduce to RM119 (excl. tax). But this Tier 2 package will come with the postpaid Unifi mobile plan RM39 (excl. tax) per month and you have to pay first month whether you want to use it or not and can cancel it after the 1st month. And also includes the free 6 months and new router.

I don't read the whole pdf so I don't know the further difference in detail between Tier 3 and Tier 4. Maybe some TM staff in here can shed some light if they want to expose themselves 

So thats it, choose wisely before making any decision.

Just want to share some info regarding this matter because I already saw the current internal pdf for the current offer. Some nice and polite TM staff from TM point showed me.

The 300Mbps RM99 (excl. tax) and 1Gbps RM159 (exl. tax) are part of Tier 3 and Tier 4 offer. TM made these Tier 3 & 4 offers specifically to counter offer Maxis or other customer that want to switch to other ISP.
I saw only 300Mbps and 1Gbps on the table for Tier 3 & 4. Other speeds are left blank, means no offer.

I saw some keynotes below the table stated that after 2 years contract finish, The Tier 3 & 4 offers will auto change speed meaning 300Mbps will become 100Mbps for the RM99 (excl. tax) and 1Gbps will become 500Mbps for the RM159 (excl. tax) packages respectively. So that is the catch for Tier 3 & 4.

For the Tier 2, it is the normal SWU we already know about. For example , if 300Mbps RM129 (excl. tax) will be reduce to RM119 (excl. tax). But this Tier 2 package will come with the postpaid Unifi mobile plan RM39 (excl. tax) per month and you have to pay first month whether you want to use it or not and can cancel it after the 1st month. And also includes the free 6 months and new router.

I don't read the whole pdf so I don't know the further difference in detail between Tier 3 and Tier 4. Maybe some TM staff in here can shed some light if they want to expose themselves 

So thats it, choose wisely before making any decision.

wow, so .2 is better ka? Block malware.