I am using Wireshark and setting the WRVS4400N external port to mirror to my internal PC port. The WRVS4400N is set up for WAN DHCP on the RCN Cable Provider Network. Every once in a while, the RCN DHCP computer will send out a "DHCP ACK" message [SrcPort:bootps(67), DstPort:bootpc(68)]. The WRVS4400N will respond to the DHCP ACK with both the internal and external MAC addresses. I believe that in the IPv4 environment (No Dual Stack IPv6), the router should only respond with the external MAC Address. I believe this is a security flaw in the WRVS4400N that allows for man in the middle attacks or DHCP spoofing. If you are wanting to use the WRVS4400N in "Paranoid" mode, the quick fix is to use a static IP address and the MAC Address oscillation should stop.