flowtable f hook ingress priority 0; flags offload;
If successful, a tool like perf or top will show near 0% CPU usage while routing traffic.
To help tailor this to your specific deployment, could you let me know: What specific or SoC are you using?
Necessary for performing NAT offload operations. kmod-nft-offload
Here's an example nftables configuration:
You cannot offload ct state established easily because the hardware would need to maintain stateful timers. For true offload, use stateless rules or ensure tc can offload the connection tracking (requires advanced hardware with full conntrack offload, like Mellanox ASAP²).
Are you running , or a standard Linux distribution like Debian/Ubuntu ? flowtable f hook ingress priority 0; flags offload;
As OpenWrt has matured, the way offloading is handled has changed. For instance, in newer kernel versions (5.1+), many IPv4 and IPv6 NAT packages were merged to simplify the codebase.
It accelerates traffic flowing between isolated home networks (e.g., keeping IoT devices separate from local data servers), processing packets at the physical limit of the ports. Technical Trade-offs and Limitations
: The offload fast-path works for your physical ports but not for VLAN sub-interfaces. Here's an example nftables configuration: You cannot offload
: This can be a more complex issue. One effective workaround is to explicitly list your physical ports in the devices list of the flowtable, rather than the VLAN interfaces. Then, create specific rules to exclude the uplink port (which handles the VLAN) from offloading if needed. As seen in community examples, you can create a new flowtable that includes physical ports and then manually add forwarding rules for your VLANs:
To use nft-offload , you define a flowtable in your nftables configuration and associate it with a specific network interface.
Bypassing software queues reduces the physical time it takes for a packet to traverse the router, resulting in more stable ping times for gaming and real-time voice/video applications. kmod-nft-offload vs. Software Flow Offloading
If rules aren’t offloading, check: