diff --git a/ansible/roles/traffic-engine/files/helm/conf/tfe.conf b/ansible/roles/traffic-engine/files/helm/conf/tfe.conf
index 2f634a10..91932f39 100644
--- a/ansible/roles/traffic-engine/files/helm/conf/tfe.conf
+++ b/ansible/roles/traffic-engine/files/helm/conf/tfe.conf
@@ -2,7 +2,8 @@
 nr_worker_threads={{- include "traffic-engine.tfe.workerthread" . }}
 enable_kni_v1=0
 enable_kni_v2=0
-enable_kni_v3=1
+enable_kni_v3=0
+enable_kni_v4=1
 
 # Only when (disable_coredump == 1 || (enable_breakpad == 1 && enable_breakpad_upload == 1)) is satisfied, the core will not be generated locally
 
@@ -202,3 +203,56 @@ maat_redis_db_index={{ .Values.vsys_id }}
 full_cfg_dir=pangu_policy/full/index/
 inc_cfg_dir=pangu_policy/inc/index/
 accept_tag_key=data_center
+
+# for enable kni v4
+[packet_io]
+packet_io_threads={{- include "traffic-engine.sapp.workerthread" . }}
+packet_io_cpu_affinity_mask={{- include "traffic-engine.sapp.cpu-affinity" . }}
+
+firewall_sids={{ .Values.sid.firewall }}
+proxy_sids={{ .Values.sid.proxy }}
+service_chaining_sids={{ .Values.sid.sce }}
+
+# bypass_all_traffic:1 NF2NF and SF2SF
+bypass_all_traffic=0
+
+rx_burst_max=128
+app_symbol=tfe_{{ .Values.app_symbol_index }}
+dev_nf_interface={{ .Values.proxy_config.proxy_nic }}
+
+src_mac_addr = 00:0e:c6:d6:72:c1
+
+# tap config
+tap_name=tap0
+
+# 1.tap_allow_mutilthread=1     load bpf rss obj
+# 2.tap_allow_mutilthread=0 not load bpf rss obj
+tap_allow_mutilthread=1
+bpf_obj=/opt/tsg/tfe/resource/bpf/bpf_tun_rss_steering.o
+# tap_bpf_debug_log: cat /sys/kernel/debug/tracing/trace_pipe
+bpf_debug_log=0
+# 2: BPF 使用二元组分流
+# 4: BPF 使用四元组分流
+bpf_hash_mode=2
+
+# 配置 tap 网卡的 RPS
+tap_rps_enable=1
+tap_rps_mask={{ .Values.tfe_rps_mask }}
+
+# iouring config
+enable_iouring=1
+enable_debuglog=0
+ring_size=1024
+buff_size=2048
+# io_uring_setup() flags
+# IORING_SETUP_IOPOLL	(1U << 0)	/* io_context is polled */
+# IORING_SETUP_SQPOLL	(1U << 1)	/* SQ poll thread */
+# IORING_SETUP_SQ_AFF	(1U << 2)	/* sq_thread_cpu is valid */
+# IORING_SETUP_CQSIZE	(1U << 3)	/* app defines CQ size */
+# IORING_SETUP_CLAMP	(1U << 4)	/* clamp SQ/CQ ring sizes */
+# IORING_SETUP_ATTACH_WQ	(1U << 5)	/* attach to existing wq */
+# IORING_SETUP_R_DISABLED	(1U << 6)	/* start with ring disabled */
+# IORING_SETUP_SUBMIT_ALL	(1U << 7)	/* continue submit on error */
+flags=0
+sq_thread_idle=0
+
diff --git a/ansible/roles/traffic-engine/files/helm/values.yaml b/ansible/roles/traffic-engine/files/helm/values.yaml
index 31db0728..58335a59 100644
--- a/ansible/roles/traffic-engine/files/helm/values.yaml
+++ b/ansible/roles/traffic-engine/files/helm/values.yaml
@@ -175,10 +175,14 @@ sce_config:
   endpoint_mask: 24
   affinity: [1]
 
+proxy_config:
+  proxy_nic: nf_1_proxy
+
 sid:
-  firewall: 1
-  sce: 2
-  shaping: 1005
+  firewall: 1000
+  proxy: 1001
+  sce: 1002
+  shaping: 1003
 
 shaping_config:
   shaping_nic: nf_1_shaping_engine