FreeBSD packet filter (pf) - ALTQ

PF logo FreeBSD logo

Alternate queuing (ALTQ) is a framework that allows to shape network traffic.

It was originally developed as part of the KAME project by Kenjiro Cho <kjc@FreeBSD.org>. OpenBSD picked it up and invented a nice way to integrate certain parts of ALTQ with pf, making it a lot more easy to manage. These changes were synced back to the KAME project and are now the de-facto standard for everyday use of ALTQ (know as "pf_mode"). The original ALTQ3_COMPAT code and /dev/altq have still some relevance for scientific disciplines, though.

FreeBSD did not import ALTQ until June 12th 2004, but porting efforts have been available for a long time (around FreeBSD 4.2?) - most notable http://www.rofug.ro/projects/freebsd-altq/.

The ALTQ version imported into FreeBSD that imports is pf_mode only. This descision was made because:

  1. FreeBSD 5 uses fine-grained locking and /dev/altq is hard to lock.
  2. Same applies for the standalone classifier.
  3. We see no real benefit in the ALTQ3 approach.

Other firewalls (such as ipfw and ipf) could be used to classify for this version of ALTQ as well. The API is well-defined and it should be trivial to come up with a patch for ipfw especially since it already does something alike for dummynet.

Dummynet provides a completely different way of traffic shaping, which we consider inferior to the ALTQ aproach for some very common applications. It has its strenght as well, where ALTQ lacks functionality. This is a fundamental difference in design which is why we believe that dummynet just is not enough for all applications. The fact that dummynet is very closely coupled with ipfw makes it hard to utilize from pf and further creates the want for ALTQ in FreeBSD.

Main FreeBSD PF page.