Those speed tests all look very consistent, it doesn't look like you're suffering any speed loss! You've got the same router as me and I've noticed no slowdowns caused by the router on the gigabit package. I also do numerous port forwards (which all eat into CPU usage on the router) and it doesn't cause any slowdown. I think the ZTE has hardware acceleration for gigabit packet switching as well, so I would expect it to run at full speed with no problems.
When going through the router, any initial spike you're seeing is possibly just due to the router having to set up the session, do port address translation and talk to your computer (whereas when you connect direct your NIC is talking to the Hyperoptic switch in your building). The router may be buffering the initial sent packets then delivering as fast as possible once it's ready to handle the connection, which might be causing that initial 'blip' of higher speeds. Once the router settles down, it can transmit the data at wire speed for the rest of the download, so you notice your speeds immediately return to normal and stay pegged at the true maximum speed.
On the router, you said Firewall you'd tried on various settings - I run mine on Low and leave "anti-hacking" disabled (basically useless). in Filtering, I have everything disabled, DMZ disabled and IPSec switch disabled.
In NetMeter, the very thin spikes (like in
https://postimg.cc/K4LpFf47) I'm 99.9999% certain are just Windows or the app misreporting bandwidth utilisation for that instant. Unfortunately this skews the graph maximum value, and the axis lines are not absolute values, so I can't see what the actual speed is measured as. Re-run the tests and take screenshots while they're happening, not afterwards, then you can see the momentary speeds in NetMeter.
The trick with NetMeter is to watch the second-by-second upload / download speeds while testing (in the bar below the graph). Run a Steam and file download test both when direct into the socket and via the router, I believe you'll see your speeds are pretty much the same (excluding that very brief burst at the start when going via the router).
I wouldn't worry about doing speed tests while people are on Netflix, the router will be able to handle both fine. You'd possibly just notice your speed test dipping slightly as new chunks were downloaded by the Netflix player.
Having a very generous upstream speed - you also get (up to) 150 mbit upload - really helps avoid congestion and buffering. You don't typically suffer the same symptoms of overloaded connections that were common with ADSL and slower cable packages (where you might have 16 or 20 megabits down but only half a megabit up, very quickly that can become saturated just from the packet acknowledgements TCP sends for every received packet).
If the spike isn't caused by the router, it
might be due to the PC being very briefly too busy to adequately process bandwidth usage in real time, this can happen when another process requests a CPU interrupt (which then skews Windows' own calculations) - all sorts of possibilities. That's why watching speed over a longer average and filtering out the 'noise' gives you the accurate reading. However in your case, when you go direct you don't get the spike, so that points me back towards the router as being the 'cause', though in truth you're not losing any speed that I can tell (I'd need more bandwidth numbers to confirm though).
Reason I think your speeds are fine is because in the one 'test via router' screenshot you took while a download was actually running, the speed at that moment was almost 20 MB/sec, which is normal. Better than the quoted package speed still.
https://postimg.cc/K4LpFf47 Run that 1000GB test again a couple of times via router and via direct connection, and expand the graph to show a longer period of time - chances are you'll see the same brief spikes and dips due to upstream congestion which is fairly normal.
Though you've not mentioned speeds during the tests, all the netmeter graphs during file download tests are basically steadily flat across the top, as you'd expect on a line able to max out at full speed. The steady 20 MB/sec is actually about 160 Mbit/sec so you're doing better than the advertised package speed.
I've occasionally experienced a speed test which won't run, usually it's the browser. Typically I can download files or run speedtests repeatedly without issue. It's usually a browser issue if a web-based speed test won't run. Use Chrome in Incognito or flip-flip between Firefox and Chrome, you'll notice as you add extensions or plug-ins that speed may suffer as well, so best to run them in a completely fresh browser with zero extensions.
I had good results with a fresh Firefox install when Chrome started losing about 10% of my speedtest speeds, eventually realised one particular extension was causing Chrome to internally lag and lose efficiency.
If your console or other device is not always achieving full speed, unfortunately, welcome to ultrafast internet. The ISP's network is capable of doing full speeds all the time, but (as they've said to me) as soon as your data passes over the internet, all bets are off. Basically they're not paying for 100% guaranteed maximum bandwidth throughput for every customer from their upstream providers at all times, understandable due to the economics of it. However as a result the providers (who also make their own decisions about how to route traffic through their network) sometimes end up compromising our maximum real world available speeds. Not really anything we can do to improve this, unless you have a server on the far end which also gets its connection via one of those providers, then you can complain to the carriers as a direct customer. Not possible for most people though.
You also notice that many remote systems are incapable of running at your connection's max speed, especially when you start to get above 100 Mbit/sec internet connections. In some cases, servers won't be able to serve content as fast as your connection, or they might be throttling their own speeds to serve multiple users.
Add to this upstream peering agreements your ISP has with 'transit providers' (bandwidth providers to other networks), available bandwidth capacity inside the third party provider networks, plus overall 'busyness' of the systems all contribute to slower than expected speeds. Many factors.
It may be that the XBox downloads from Microsoft's CDN using single-thread downloads (vs. multi-thread downloads like Steam, Ubisoft and others do), at which point you'll notice your speed fluctuating or not maxing out, because it's rare that a single threaded TCP session can utilise the maximum theoretical bandwidth of a link, especially when it has to travel via the Internet taking weird routes through several networks. Nothing you can do about this really.
Am I missing anything else, have you noticed bad speeds at certain times or to specific things, or does this explain what you're seeing? Forgive me if any of it seemed condescending, difficult to know sometimes how much experience people have in networking or the weird ways TCP behaves sometimes.
(Obviously these are only my personal opinions and views as a punter, I have nothing to do with Hyperoptic except they take my money each month for internet)