PF, ALTQ, Priq & RED

Hi All,

This is my first post to this list as I couldnt find the answers I am looking for in the archives.

Ok, I am running FreeBSD 5.3 with PF and ALTQ and am struggling a little with the altq rules a little. Now my questions are:-

If I am running 2 rules for udp packets to be prioritized and I want a specific rule for prioritizing dns udp out to take preference over the generic udp altq out rule, do I need this rule to be above the generic rule and have the quick keyword or doesnt it matter as the dns rule has been given a higher queue number anyways ??

Secondly, if I dont apply the (red) tag to some of my queue's that I want the highest priority to, and I apply (red) to queue's with lower priorities, does this mean traffic on the lowests queue's could be dropped while none would be dropped on queue's where (red) is not specified ??

I hope I have posted the relevant rule information below, if its not enough then i'll post more if needed.

Thanks for your help.


pass out on $ext_if proto icmp from all $udp_opts queue q_icmp_out
pass out on $ext_if inet proto udp from $ext_if $udp_opts queue (q_out, q_ack_out)
pass out on $ext_if from any to $vpn_addr queue q_vpn_out
pass out on $ext_if proto udp from $ext_ip port = 53 to any $udp_opts queue q_dns_out
pass out on $ext_if proto tcp from $ext_ip port = 53 to any $tcp_opts queue q_dns_out
pass out on $ext_if proto tcp from $ext_ip port = 80 to any $tcp_opts queue q_http_out
pass out on $ext_if proto icmp all $udp_opts queue q_icmp_out
pass out on $ext_if proto udp all $udp_opts queue q_udp_out
pass out on $ext_if proto tcp all $tcp_opts queue {q_out, q_ack_out}

altq on $ext_if priq bandwidth 220Kb queue { q_out, q_http_out, q_dns_out, q_vpn_out, q_mail_out, q_wwwb_out, q_dnsb_out, q_udp_out, /
q_voip_out, q_icmp_out, q_ack_out }
queue q_ack_out priority 15 priq(red)
queue q_icmp_out priority 14 priq(red)
#queue q_voip_out priority 13 priq(red)
queue q_udp_out priority 12 priq(red)
queue q_dnsb_out priority 11 priq(red)
queue q_wwwb_out priority 10 priq(red)
queue q_mail_out priority 9 priq(red)
queue q_vpn_out priority 4 priq(red)
queue q_dns_out priority 3 priq(red)
queue q_http_out priority 2 priq(red)
queue q_out priority 1 priq(red default)