I am addicted to streaming audio, and recently noticed that audio streams would cut in and out when I was downloading large files or power surfing. Since my home firewall runs OpenBSD, I turned to OpenBSD’s alternate queueing (ALTQ) to prioritize latency sensitive traffic.
To setup ALTQ, you need to define a root queue and one or more child queue. The root queue contains the interface to queue traffic on, the total bandwidth available to the interface, the scheduler to use to prioritize traffic, and one or more queues to assign traffic to. The following statement sets up an interface macro, and defines the root queue and two child queues for a link with 4 megabits of bandwidth:
# Setup a macro to point to our external interface
ext = "hme0"
# Define the root queue, and assign two priority queues to it
altq on $ext priq bandwidth 4Mb queue { q_streams, q_default }
queue q_streams priority 7 qlimit 100
queue q_default priority 1 priq(default)
In this example, I defined one queue with a priority of 7, and a second queue with a priority of 1. ALTQ contains 15 priority levels, with 15 being the highest priority. To assign traffic to a queue, the “queue” directive can be appended to a firewall rule:
# Prioritize Internet streaming audio over all other traffic
pass out quick on $ext proto tcp from any to any port { 8001, 8070, 9991 } queue q_streams
Once the queues are setup, you can monitor traffic in each queue with the pfctl utility:
$ pfctl -vv -sq
queue q_streams priority 7 qlimit 100
[ pkts: 30264 bytes: 2129533 dropped pkts: 0 bytes: 0 ]
[ qlength: 0/100 ]
[ measured: 7.1 packets/s, 4.08Kb/s ]
queue q_default priq( default )
[ pkts: 23598 bytes: 4604450 dropped pkts: 0 bytes: 0 ]
[ qlength: 0/ 50 ]
[ measured: 77.9 packets/s, 106.37Kb/s ]
Traffic not explicitly assigned to a queue will be placed in the default queue (q_default in this example), which simplifies the firewall rule configuration.
ALTQ is super easy to setup, and is well documented in the OpenBSD PF Faq ( in the section titled Packet Queueing and Prioritization). While I didn’t touch on it here, ALTQ is also an ideal solution for implementing QOS for VOIP communications.