Kmod-nft-offload May 2026

make M=net/netfilter/ modules insmod net/netfilter/nft_offload.ko

Activation example:

# Enable hardware offload globally
sysctl -w net.netfilter.nf_flow_offload=1
kmod-nft-offload is a Linux kernel module that allows nftables rules to be offloaded directly to network hardware (smart NICs or switches) that support flow offloading.
In simple terms:


🔧 kmod = kernel module

🔧 nft = nftables framework

🔧 offload = push work to hardware


Check if module loaded:
lsmod | grep nft_offload

Driver must advertise offload capability: kmod-nft-offload
ethtool -k eth0 | grep hw-tc-offload
# Must show "on"

Common failures:

Debugging:
echo 'file nft_offload.c +p' > /sys/kernel/debug/dynamic_debug/control
dmesg -w | grep -i offload

Check if the rule actually resides in hardware. 🔧 kmod = kernel module 🔧 nft =
# Show nftables rules (the 'offload' flag should appear)
nft list ruleset
kmod-nft-offload is a Linux kernel module that enables hardware acceleration for nftables rulesets. It works by offloading flow rules to network devices that support flow block offloading (e.g., certain SmartNICs, switchdev drivers, or SoC ethernet controllers).
# Clone / install the module
git clone https://github.com/your-repo/kmod-nft-offload
cd kmod-nft-offload
make && sudo make install
Turn on the hardware offload feature for your interface.
sudo ethtool -K eth0 hw-tc-offload on
sudo ethtool -K eth1 hw-tc-offload on