Using PF + ALTQ in FreeBSD 6.2

Chris Marlatt cmarlatt at
Mon Aug 13 14:05:28 UTC 2007

Dian Candra wrote:
> Yes, it's work with Dummynet well, cause I'm using dummynet for some 
> years. The problem is, with dummynet I could not do "borrow" bandwidth 
> from the parent.
> So, I should move to ALTQ+PF, but unfortunately I'm facing a problem 
> with it.
> Please give me some comment, If I use ALTQ+PF in my router, it's really 
>  could not limit incoming and outgoing traffic from/to my client ?
> Does no one have a bettter experience ?
> regards,
> Dian

I haven't had time to test this idea yet, maybe someone else can shed 
some light on this, but seeing as ALTQ can only queue outbound traffic, 
have you thought about queuing on both your external and internal 
interfaces? Simply changing perspective of the rules?

This is dependent upon pf/ALTQ actually taking two "altq" statements in 
the pf.conf which I'm not certain it can do. It doesn't complain about 
the syntax but like I said before, I haven't tested this yet.

You could also try to use a combination of pf and ipfw. I used such an 
implementation when I needed to do per ip bw limits and needed more 
queues than ALTQ would support. ipfw's "mask src-ip" and "mask dst-ip" 
work nicely for this.

Best of luck in finding a functional solution.



More information about the freebsd-pf mailing list