Reload the ruleset and make sure it loaded correctly (manually check pfctl -sr/-sn/-sq output).
Flush all states (pfctl -Fs) and re-establish a single download from an external server (existing state entries might use no or the wrong queues, and reloading the ruleset does not automatically flush states). Run pfctl -vss, you should see your download as a state entry, with the number of the rule that created the state. Run pfctl -vvsr and verify that the rule that created the download state actually specifies queue (q_def, q_pri). The last matching rule (which creates state) must specify the queues. Just a previously matching rule specifying the queues is not good enough, the last matching one must specify them, too. Compare pfctl -vss, pfctl -vvsr and pfctl -vsq counters during that single connection. Do most (if not all) of your outgoing packets to the server get assigned to q_hig? A single HTTP connection fetching a large file from a fast server is easier to debug this than a complex p2p application, for instance. Daniel
