This article explains how to interpret the NPU Offload field in FortiOS session lists.

The following is an example output for a session list captured in FortiOS:

# diagnose sys session list

session info: proto=6 proto_state=01 duration=600125 expire=3585 timeout=3600 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3

origin-shaper=

reply-shaper=

per_ip_shaper=

class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/255

state=log may_dirty npu f00

statistic(bytes/packets/allow_err): org=1406688/22871/1 reply=1406629/22870/1 tuples=2

tx speed(Bps/kbps): 2/0 rx speed(Bps/kbps): 2/0

orgin->sink: org pre->post, reply pre->post dev=9->17/17->9 gwy=0.0.0.0/0.0.0.0

hook=pre dir=org act=noop 10.218.3.68:10608->10.228.3.115:179(0.0.0.0:0)

hook=post dir=reply act=noop 10.228.3.115:179->10.218.3.68:10608(0.0.0.0:0)

pos/(before,after) 0/(0,0), 0/(0,0)

src_mac=02:09:65:3a:0d:01  dst_mac=00:09:0f:09:00:03

misc=0 policy_id=1 pol_uuid_idx=14726 auth_info=0 chk_client_info=0 vd=0:1

serial=00000123 tos=ff/ff app_list=0 app=0 url_cat=0

rpdb_link_id=00000000 ngfwid=n/a

npu_state=0x4000c00 ofld-O ofld-R

npu info: flag=0x81/0x81, offload=9/9, ips_offload=0/0, epid=136/128, ipid=128/136, vlan=0x0000/0x0000

vlifid=128/136, vtag_in=0x0000/0x0000 in_npu=1/1, out_npu=1/1, fwd_en=0/0, qid=4/4

The offload field here shows a value of 9/9. This indicates the forward direction and reverse direction, respectively.

See the following table to identify what each possible number value means: