RHEL8 firewalld and nftables

Posted on

From the RHEL8 docs
Chapter 5 covers firewalld
Chapter 6 covers nftables
BUT, the firewalld docs don't mention that firewalld will use (I assume) nftables in the background?
When you get the Chapter 6, it then says
use firewalld for workstations
use nftables for servers
this implies you have to choose one or the other?
On my test system, I selected the "Workstation" role at install time, and the firewalld service is enabled and started, the nft command is also available, but the nftables service is disabled and not started.
If I'd selected a server role at install time, would it skip firewalld and only enable nftables?