In 6.48 (I think) a feature was added for "ipsec - refresh peer's DNS only when phase 1 is down". This resolved an issue in older versions where VPN providers with DNS records with short TTLs would disconnect and reconnect after refreshing the DNS record and receiving a different IP, even though the tunnel was still active and working.
I've just upgraded to 7.8 and the issue is back, so it seems that feature has been removed again.
Is anyone able to confirm this, and is it planned to be reimplemented? Failing that, does anyone have a viable workaround other than static DNS records / connecting by IP?