ovpn-dco is essentially a device driver that allows creating a virtual network interface to handle the OpenVPN data channel.et. DCO accomplishes this by keeping most of the data handling tasks in the kernel rather than repeatedly switching between kernel and user space for encryption and packet handling, also, it adds support for multi-threaded encryption, allowing for even more performance gains.
https://community.openvpn.net/openvpn/wiki/DataChannelOffload
this new type of tunnel requires a compiled kernel module, it can work with openvpn tunnels or uses the new ones. below I share the official repository :
https://github.com/OpenVPN/ovpn-dco
i've tested it on debian 11 with this kernel module 5.10.0-16-amd64 :
openvpn --version OpenVPN 2.6.0 [git:release/2.6/680ba43355f6d9e4] x86_64-pc-linux-gnu [SSL (OpenSSL)] [EPOLL] [MH/PKTINFO] [AEAD] [DCO] built on Feb 1 2023 library versions: OpenSSL 1.1.1n 15 Mar 2022 Originally developed by James Yonan Copyright (C) 2002-2023 OpenVPN Inc <sales@openvpn.net> Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto_ofb_cfb=yes enable_dco=yes enable_debug=yes enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=no enable_libtool_lock=yes enable_lz4=no enable_lzo=no enable_management=yes enable_pam_dlopen=no enable_pedantic=no enable_pkcs11=no enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_shared=yes enable_shared_with_static_runtimes=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_wolfssl_options_h=yes enable_x509_alt_username=no with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_openssl_engine=auto with_sysroot=no
here's an introduction and extra repository , that are necessary: