@BuffaloRun As PN Ip's are rather 'sticky', I would try turning your connection off overnight - note the IP you have now, and hope the one allocated in the morning is different.

@BuffaloRun  does your router's log file show the IP addresses that the TCP SYN packets are coming from ?

Years ago I had an issue where my firewall log filled up with thousands of unsolicited SYN packets, which turned out to be a configuration problem with the Plusnet email server's load balancer after an upgrade, which after I reported the fault they eventually fixed. 

I see you are asking how to change your address, note that changing my static IP address wouldn't have cured the problem, as the spurious SYN packets were generated as my Thunderbird IMAP email client interacted with the Plusnet email servers.

I'm wondering if you could identify the source of your blocked incoming SYN packets, whether you could raise a fault report with the sender, or create a firewall rule to quietly handle the annoyance so that your log file isn't overwhelmed ?

.

@outcast A good spot, but I always find simple solutions are easiest to try first. If changing their IP doesn't solve the OP's issue, then obviously we need to look further.

@BuffaloRun 

Hub Two ?

Can you share some of the TCP SYN messages, other than annoying it is not a problem as it the routers firewall reporting these events. Not necessarily an issue 

I suggest checking the SRC of the IP and see who it is? 

Individual IPv4 addresses aren't that 'sticky' (or have recently-ish become less 'sticky'). Allocated IPv4 addresses may come from the same /24 block of IPv4 addresses, which appears to be more 'sticky'.

There's a physical box in the network that you connect to called an MSE (multi-service edge) that allocates you a dynamic IP address from a pool of IPs. Plusnet IP addresses are unique to Plusnet customers and I've seen the MSEs sometimes work in a "last IP in, first IP out" basis. I.e. if you disconnect/reconnect really quick you can get the same IP back.

Getting a different IP can therefore mean hoping that other Plusnet customers also disconnect and reconnect in the same window. A few hours is normally sufficient at most to get a different IP, sometimes just a few minutes.

Are you getting enough SYN attacks to notice any speed or performance issues? We have DDoS protection in place across our customer IP address ranges but there's a threshold of normal traffic before the rules will kick in, we might be able to see how close to the threshold it is.