Trouble accessing internet after dhcp renewal
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Trouble accessing internet after dhcp renewal
- From: Andreas <andreaja_(_at_)_ifi_(_dot_)_uio_(_dot_)_no>
- Date: Tue, 01 Apr 2003 08:35:22 +0200
Hello,
I installed OpenBSD (3.2-stable) a little over a week ago with the intent
to use it as a nat/gateway/web/ftp server (home use.) So far everything
works wonderfully. I've disabled unneeded services. With the help of pf
I've got the nat working properly. However, my ISP is Chello (cable), who
are renowned for their lack of reliability. Every now and then the
connection drops, revived by a simple reboot of the cable modem (power off
for ~1-5 minutes.) After I rebooted my cable modem today, I'm unable to
access the internet[1] directly from the OpenBSD box, but it's working fine
from the NATed machine. I had a similar problem (most likely the same) a
few days ago, but it was gone after a (scheduled) reboot. I also noted that
unlike the slackware linux install I used earlier, OpenBSD acquires a new
IP address on dhcp renewal. My current pf ruleset is:

external="rl0"
internal="rl1"
nat on $external from 192.168.100.0/24 to any -> ($external)
pass in all
pass out all
#pass in log all
#pass out log all

Where external is the if to Chello, and internal is 192.168.100.1. I've
tried adding logging, but I'm afraid I can't make heads or tails of most of it.
Some examples:
$ ftp ulrik.uio.no
ftp: ulrik.uio.no: no address associated with name
ftp>
# tcpdump -n -e -ttt -r /var/log/pflog | egrep 'ulrik'
Apr 01 08:19:59.621877 rule 1/0(match): pass out on rl0:
62.179.210.79.37528 > 62.179.100.29.53: 54518+ AAAA? ulrik.uio.no. (30)
Apr 01 08:20:04.630200 rule 1/0(match): pass out on rl0:
62.179.210.79.34428 > 62.179.100.30.53: 54518+ AAAA? ulrik.uio.no. (30)
Apr 01 08:20:09.640246 rule 1/0(match): pass out on rl0:
62.179.210.79.13744 > 129.240.64.2.53: 54518+ AAAA? ulrik.uio.no. (30)
(and several more), 62.179.100.29 and 30 are Chello's default dns servers,
129.240.64.2 is one of University of Oslo's (uio.no) name servers (which,
quite obviously, should resolve ulrik.uio.no).
# tcpdump -n -e -ttt -r /var/log/pflog | egrep 'rl0: 62.179.100.'
Apr 01 08:20:00.557265 rule 0/0(match): pass in on rl0: 62.179.100.29.53 >
62.179.210.79.37528: 54518 0/1/0 (84) (DF)
Apr 01 08:20:05.321472 rule 0/0(match): pass in on rl0: 62.179.100.30.53 >
62.179.210.79.34428: 54518 0/1/0 (84) (DF)
...
Apr 01 08:22:42.438274 rule 0/0(match): pass in on rl0: 62.179.100.29.53 >
62.179.210.79.4677: 58678 NXDomain 0/1/0 (92) (DF)
Apr 01 08:22:47.873978 rule 0/0(match): pass in on rl0: 62.179.100.30.53 >
62.179.210.79.6847: 58678 NXDomain 0/1/0 (92) (DF)
# tcpdump -n -e -ttt -r /var/log/pflog | egrep 'rl0: 129.240'
Apr 01 08:20:10.178854 rule 0/0(match): pass in on rl0: 129.240.64.2.53 >
62.179.210.79.13744: 54518* 0/1/0 (84) (DF)
...
Apr 01 08:23:03.650607 rule 0/0(match): pass in on rl0: 129.240.64.2.53 >
62.179.210.79.34910: 58678 NXDomain 0/1/0 (92) (DF)
So dns doesn't work. From my win2k machine (behind the nat, using UiO's dns
server), however, I get:
C:\>ping ulrik.uio.no
Pinging ulrik.uio.no [129.240.12.4] with 32 bytes of data:
Reply from 129.240.12.4: bytes=32 time=391ms TTL=248
and so on. Again from the OpenBSD machine:
ftp> ftp 129.240.12.4
ftp: connect: Connection timed out
ftp>
# tcpdump -n -e -ttt -r /var/log/pflog | egrep 'rl0: .* 129.240.12.4'
Apr 01 08:25:07.749005 rule 1/0(match): pass out on rl0: 62.179.211.128 >
129.240.12.4: icmp: echo request
Apr 01 08:25:58.491322 rule 1/0(match): pass out on rl0:
62.179.210.79.13331 > 129.240.12.4.21: S 4110754767:4110754767(0) win 16384
<mss 1460,nop,nop,sackOK,nop,wscale 0,nop,nop,timestamp 1002866374 0> (DF)
Apr 01 08:25:58.753263 rule 1/0(match): pass out on rl0: 127.0.0.1 >
129.240.12.4: icmp: time exceeded in-transit
Apr 01 08:26:02.122333 rule 1/0(match): pass out on rl0: 127.0.0.1 >
129.240.12.4: icmp: time exceeded in-transit
Apr 01 08:26:04.490102 rule 1/0(match): pass out on rl0:
62.179.210.79.13331 > 129.240.12.4.21: S 4110754767:4110754767(0) win 16384
<mss 1460,nop,nop,sackOK,nop,wscale 0,nop,nop,timestamp 1002866386 0> (DF)
Apr 01 08:26:05.252678 rule 1/0(match): pass out on rl0: 127.0.0.1 >
129.240.12.4: icmp: time exceeded in-transit
Apr 01 08:26:08.873285 rule 1/0(match): pass out on rl0: 127.0.0.1 >
129.240.12.4: icmp: time exceeded in-transit
Apr 01 08:26:16.490107 rule 1/0(match): pass out on rl0:
62.179.210.79.13331 > 129.240.12.4.21: S 4110754767:4110754767(0) win 16384
<mss 1460,nop,nop,sackOK,nop,wscale 0,nop,nop,timestamp 1002866410 0> (DF)
Apr 01 08:26:16.680848 rule 1/0(match): pass out on rl0: 127.0.0.1 >
129.240.12.4: icmp: time exceeded in-transit
Apr 01 08:26:22.376686 rule 1/0(match): pass out on rl0: 127.0.0.1 >
129.240.12.4: icmp: time exceeded in-transit
Apr 01 08:26:40.490114 rule 1/0(match): pass out on rl0:
62.179.210.79.13331 > 129.240.12.4.21: S 4110754767:4110754767(0) win 16384
<mss 1460,nop,nop,sackOK,nop,wscale 0,nop,nop,timestamp 1002866458 0> (DF)
Apr 01 08:26:41.104593 rule 1/0(match): pass out on rl0: 127.0.0.1 >
129.240.12.4: icmp: time exceeded in-transit
Apr 01 08:26:49.377655 rule 1/0(match): pass out on rl0: 127.0.0.1 >
129.240.12.4: icmp: time exceeded in-transit
At this point I'm not sure what more information I can give without it
turning to spam. I've read the FAQ, I've tried google, and I've tried man
pages. I couldn't find any similar accounts, however, I can't guarantee
against bugs in read(). Apologies if wordwrapping isn't working properly.
Sincere thanks for all help,
Andreas Jacobsen

[1] - tcpdump shows that pf is logging packets from the internet, but
programs such as ftp and ping.

# dmesg
OpenBSD 3.2-stable (dungeon) #3: Mon Mar 31 18:59:25 CEST 2003
andjacob_(_at_)_dungeon_(_dot_)_chello_(_dot_)_no:/usr/src/sys/arch/i386/compile/dungeon
cpu0: Intel Pentium III (Coppermine) ("GenuineIntel" 686-class, 128KB L2
cache) 601 MHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SYS,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SIMD
real mem = 133738496 (130604K)
avail mem = 121298944 (118456K)
using 1658 buffers containing 6791168 bytes (6632K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(5d) BIOS, date 04/26/00, BIOS32 rev. 0 @ 0xfb380
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
pcibios0 at bios0: rev. 2.1 @ 0xf0000/0xb808
pcibios0: PCI IRQ Routing Table rev. 1.0 @ 0xfdf00/144 (7 entries)
pcibios0: PCI Exclusive IRQs: 10 11 12
pcibios0: PCI Interrupt Router at 000:07:0 ("Intel 82371SB PCI-ISA" rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc0000/0x8000 0xc8000/0x4000!
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel 82443BX PCI-AGP" rev 0x03
ppb0 at pci0 dev 1 function 0 "Intel 82443BX AGP" rev 0x03
pci1 at ppb0 bus 1
vga0 at pci1 dev 0 function 0 "Matrox MGA G200 AGP" rev 0x01
wsdisplay0 at vga0: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
pcib0 at pci0 dev 7 function 0 "Intel 82371AB PIIX4 ISA" rev 0x02
pciide0 at pci0 dev 7 function 1 "Intel 82371AB IDE" rev 0x01: DMA, channel
0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: <FUJITSU MPE3204AH>
wd0: 16-sector PIO, LBA, 19540MB, 16383 cyl, 16 head, 63 sec, 40019532 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
"Intel 82371AB USB" rev 0x01 at pci0 dev 7 function 2 not configured
"Intel 82371AB Power Mgmt" rev 0x02 at pci0 dev 7 function 3 not configured
rl0 at pci0 dev 9 function 0 "Realtek 8139" rev 0x10: irq 10 address
00:c1:26:0f:a0:61
rlphy0 at rl0 phy 0: RTL internal phy
rl1 at pci0 dev 13 function 0 "Realtek 8139" rev 0x10: irq 11 address
00:40:33:d3:2b:69
rlphy1 at rl1 phy 0: RTL internal phy
isa0 at pcib0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
npx0 at isa0 port 0xf0/16: using exception 16
biomask 4000 netmask 4c00 ttymask 4c02
pctr: 686-class user-level performance counters enabled
mtrr: Pentium Pro MTRR support
dkcsum: wd0 matched BIOS disk 80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
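
Added example (not part of the original message): a small sh/awk helper that tallies the source addresses of the packets pf logged leaving rl0, so that more than one address, or a loopback address, showing up as a source on the external interface is easy to spot. The function names and the sample lines (re-joined from the log excerpts above, TCP options omitted) are constructed for illustration.

```shell
#!/bin/sh
# Tally source addresses of packets pf logged leaving one interface.
# Expects `tcpdump -n -e -ttt -r /var/log/pflog` text, one packet per line.

pflog_out_sources() {       # $1 = interface name, log text on stdin
    awk -v ifn="$1" '
    {
        for (i = 1; i + 3 <= NF; i++) {
            if ($i == "out" && $(i+1) == "on" && $(i+2) == (ifn ":")) {
                # Source is "a.b.c.d" or "a.b.c.d.port"; keep the address.
                n = split($(i+3), p, ".")
                addr = (n >= 4) ? (p[1] "." p[2] "." p[3] "." p[4]) : $(i+3)
                count[addr]++
                break
            }
        }
    }
    END {
        for (a in count)
            printf "%s %d%s\n", a, count[a], ((a ~ /^127\./) ? " loopback" : "")
    }' | LC_ALL=C sort
}

# Constructed sample: log lines from the message, one packet per line.
sample_pflog() {
    cat <<'EOF'
Apr 01 08:19:59.621877 rule 1/0(match): pass out on rl0: 62.179.210.79.37528 > 62.179.100.29.53: 54518+ AAAA? ulrik.uio.no. (30)
Apr 01 08:20:00.557265 rule 0/0(match): pass in on rl0: 62.179.100.29.53 > 62.179.210.79.37528: 54518 0/1/0 (84) (DF)
Apr 01 08:25:07.749005 rule 1/0(match): pass out on rl0: 62.179.211.128 > 129.240.12.4: icmp: echo request
Apr 01 08:25:58.491322 rule 1/0(match): pass out on rl0: 62.179.210.79.13331 > 129.240.12.4.21: S 4110754767:4110754767(0) win 16384 (DF)
Apr 01 08:25:58.753263 rule 1/0(match): pass out on rl0: 127.0.0.1 > 129.240.12.4: icmp: time exceeded in-transit
Apr 01 08:26:02.122333 rule 1/0(match): pass out on rl0: 127.0.0.1 > 129.240.12.4: icmp: time exceeded in-transit
EOF
}

# Prints one "address count [loopback]" line per distinct source.
sample_pflog | pflog_out_sources rl0
```

On the gateway, the same function can be fed directly from the tcpdump command used in the message instead of sample_pflog.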