The same goes for the example swanctl config on the same article, “hw_offload=full” does not exist according to the documentation, only “yes, auto, no” are valid options.
This leads me to the conclusion that the article expects me to use some specific software version / Kernel version.
Please follow the below updated article for full IPsec offload configuration. The instructions are for the Bluefiled card, but they should be similar for ConnectX-6 Dx.
The article you referenced shows quite nicely how to get a Mellanox version of strongswan up and running, that’s very helpful.
However, it does not talk about the prerequisites for getting the full offload running: The kernel needs to support it, then configuration via ip xrm should also be possible.
Please let me know how I can get kernel support for the full offloading on a standard Ubuntu 20.04 installation.