Kmod-nft-offload ✦ 〈TRUSTED〉

uci set firewall.@defaults[0].flow_offloading='1' uci set firewall.@defaults[0].flow_offloading_hw='1' uci commit firewall /etc/init.d/firewall restart Use code with caution. Limitations and Trade-offs

modprobe nft_offload

The kmod-nft-offload kernel module is a game-changer for high-performance Linux networking. It bridges the gap between the flexibility of nftables and the raw speed of smart NICs. While it requires compatible hardware and careful rule design, the reduction in CPU utilization—often to near-zero for bulk flows—makes it indispensable in data centers, telecom edge nodes, and cloud gateways. kmod-nft-offload