Most likely your problem is caused by the CTF acceleration.I tried disabling NAT acceleration under LAN / Switch Control - which changes the CPU port from 8t to 5t, but it still doesn't fix the MTU issue.
I had a similar issue with both N66U (AP mode) and AC68U (router mode) when I configured a second bridge and a VLAN(4). On N66U, depending on whether I used VLAN1 first or VLAN4 first from the same device, the second connection could not work because the ethernet frames were tagged with the previous VID.
I took a look at the kernel source and saw a call to something called ctf_brc_lkup (and others prefixed with ctf) which I assume is the broadcom bridge routing accelerator. Apparently, their code was getting confused which tag to apply to a frame. As soon as I disabled CTF by enabling IP traffic monitoring on N66, the problem went away since bridge forwarding was relying on the Linux native code rather that the broadcom accelerator.
When I connected N66 to AC68, it started kind of working, but some pages could not get loaded, e.g. google, stopping half way. Occasionally, they did load. Again, if I connected first to the main vlan and then the guest one, the guest stopped working and vice versa. Disabling CTF on AC68 made it all work. I observed the same behavior with a hardware AP.
I also saw that with CTF disabled on AC68, the CPU port changed from 8t to 5t on AC68. It did stay 8t on the N66, perhaps because it is used in the AP mode.
I wonder if anyone managed to make this VLAN tagging stuff work with CTF enabled. Judging by the fact that in all examples with AC68U they used port 5t rather than 8t, the answer is probably 'no'.