π§ kmod = kernel module π§ nft = nftables framework π§ offload = push work to hardware
table inet filter flowtable f hook ingress priority 0 devices = eth0, eth1 chain forward type filter hook forward priority 0; policy accept; ip protocol tcp, udp flow offload @f Use code with caution. When to Use It kmod-nft-offload
: All following packets in that conversation bypassed the King entirely. They zipped through the kingdom at lightning speed, handled by the strategistβs specialized shortcuts. The Result π§ kmod = kernel module π§ nft =
This module enables hardware or software flow offloading within the The Result This module enables hardware or software
: Significant reduction in CPU usage and higher throughput speeds. π οΈ Key Details : Kernel modules. Dependencies : It relies on kmod-nf-flow kmod-nft-nat to function correctly. Firewall Compatibility : It is a core component for , the modern -based firewall in OpenWrt. π¦ When to Use (and When to Skip) kmod-nft-offload High-Speed Fiber Helps reach 1Gbps+ speeds on entry-level hardware. Old/Weak Hardware Offloading saves the limited CPU cycles for other tasks.
| Metric | Software nftables | With kmod-nft-offload | |--------|------------------|--------------------------| | PPS (64B packets) | ~1-2 Mpps | (hardware-dependent) | | CPU usage | 100% (one core) | ~0% for forwarded packets | | Latency | Microseconds | Nanoseconds (wire speed) |