ARP changes on WAN killing connection, no auto-recovery
Hey everyone. I'm with a fiber ISP for a few months now which worked very stable as long as I had their modem as gateway on the WAN port. A week ago they finally set up the bridge mode I asked for, I now still have the modem inbetween but with a bridged connection directly to the external gateway.
Since then, I experience daily dropouts of my WAN connection that immediately fix themselves when I reload the WAN interface. One evening last week it got so bad that it happened like every 3 minutes. This is when I figured out that it has to do with the MAC of the gateway changing (I assume due to loadbalancing or smth). Whenever this happens, DHCP breaks and I need to reload the interface.
The logs always look like this. 09:49:59 is when I triggered the interface reload.
2026-05-13T09:47:00 Notice dhclient dhclient-script: New IP Address (ix1): 195......
2026-05-13T09:47:00 Notice dhclient dhclient-script: New Hostname (ix1): 7c5a1c846db5
2026-05-13T09:47:00 Notice dhclient dhclient-script: Reason REBOOT on ix1 executing
2026-05-13T09:46:59 Notice opnsense /usr/local/etc/rc.configure_interface: ROUTING: entering configure using wan
2026-05-13T09:46:59 Notice dhclient dhclient-script: Reason PREINIT on ix1 executing
2026-05-13T09:46:59 Critical dhclient exiting.
2026-05-13T09:46:59 Error dhclient short write: wanted 20 got 0 bytes
2026-05-13T09:46:59 Notice dhclient dhclient-script: Reason FAIL on ix1 executing
2026-05-13T09:46:59 Error dhclient My address (195.69.173.56) was deleted, dhclient exiting
2026-05-13T09:44:01 Notice kernel <6>[471538] arp: 195.69.173.1 moved from 00:0e:00:00:01:01 to 00:0e:00:00:01:03 on ix1
2026-05-13T09:42:50 Notice dhclient dhclient-script: Creating resolv.conf
2026-05-13T09:42:50 Notice dhclient dhclient-script: New Hostname (ix1): 7c5a1c846db5
I already tried the following settings that solved similar issues for others, which did unfortunately not help:
* Enable "Skip rules when gateway is down"
* Disable reply-to on WAN rules
* Enable "Dynamic gateway policy" on the interface
Any ideas?