ConnectX-6 NAT hardware offloading in Ubuntu OS

We are planning to set up a server using Ubuntu 22.04 LTS OS as our NAT device, processing about 20Gbps traffic and 5M packets/second. NAT will be set up using standard Ubuntu iptables.

As a NIC we are planning to use the NVIDIA MCX623106AC-CDAT ConnectX-6 D because the datasheet says that it supports NAT hardware offloading.

We have several questions:

  1. When using NAT with iptables on Ubuntu 22.04 LTS, do we need to somehow enable hardware NAT offloading in the NIC, or will it work automatically?

  2. Are there any limits (such as packets/second) for NAT hardware offloading?

Hi There,

Thank you for contacting us.
As for now we don’t support iptables offload in NAT.

You can use ASAP^2 based on OVS Hardware Offloads Configuration to do the offload work.

https://docs.nvidia.com/networking/pages/viewpage.action?pageId=127764873

For example, please refer to the Flow Table Large Group Number:
Offloaded flows, including Connection Tracking, are added to Virtual Switch Forwarding Data Base (FDB) flow tables. FDB tables have a set of flow groups, where each flow group saves the same traffic pattern flows. E.g., for connection tracking offloaded flow, TCP and UDP are different traffic patterns which will end up in two different flow groups.

Thanks,
Ilan