diff --git a/playbooks/install_nftables.yaml b/playbooks/install_nftables.yaml
new file mode 100644
index 00000000000..be41d3bbe35
--- /dev/null
+++ b/playbooks/install_nftables.yaml
@@ -0,0 +1,3 @@
+- hosts: all
+ roles:
+ - nftables
diff --git a/roles/nftables/tasks/main.yaml b/roles/nftables/tasks/main.yaml
new file mode 100644
index 00000000000..e462e68f199
--- /dev/null
+++ b/roles/nftables/tasks/main.yaml
@@ -0,0 +1,43 @@
+- name: Ensure nftables is installed
+ package:
+ name: 'nftables'
+ state: latest
+ become: yes
+
+- name: Switch to nftables binaries
+ shell:
+ cmd: |
+ /usr/bin/update-alternatives --set iptables /usr/sbin/iptables-nft
+ /usr/bin/update-alternatives --set ip6tables /usr/sbin/ip6tables-nft
+ /usr/bin/update-alternatives --set ebtables /usr/sbin/ebtables-nft
+ /usr/bin/update-alternatives --set arptables /usr/sbin/arptables-nft
+ executable: /bin/bash
+ become: yes
+
+- name: Restart nftables service, that will replace iptables(4,6), ebtables and arptables
+ ansible.builtin.systemd:
+ state: restarted
+ name: nftables.service
+ become: yes
+
+- name: Check ipv4 rules, stored by iptables-persistent
+ stat:
+ path: '/etc/iptables/rules.v4'
+ register: ipv4_rules_file
+
+- name: Check ipv6 rules, stored by iptables-persistent
+ stat:
+ path: '/etc/iptables/rules.v6'
+ register: ipv6_rules_file
+
+- name: Restore saved IPv4 iptables rules, stored by iptables-persistent
+ shell:
+ cmd: |
+ iptables-restore '{{ ipv4_rules_file }}'
+ become: yes
+
+- name: Restore saved IPv6 iptables rules, stored by iptables-persistent
+ shell:
+ cmd: |
+ ip6tables-restore '{{ ipv6_rules_file }}'
+ become: yes
diff --git a/zuul.d/base.yaml b/zuul.d/base.yaml
index 2358465d499..e9484660cb5 100644
--- a/zuul.d/base.yaml
+++ b/zuul.d/base.yaml
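Review bot: The two restore tasks in roles/nftables/tasks/main.yaml template the whole registered `stat` result (`'{{ ipv4_rules_file }}'`, `'{{ ipv6_rules_file }}'`) into the command line instead of a path, and neither task is conditioned on the file existing, so the persisted rules are unlikely to be reloaded after the backend switch and the nftables restart. Pass the path and gate on the stat result, e.g. `iptables-restore < /etc/iptables/rules.v4` with `when: ipv4_rules_file.stat.exists`, and the same for `ip6tables-restore` with `rules.v6`. The "Switch to nftables binaries" script also runs four `update-alternatives` calls without `set -e`, so only the last exit status reaches Ansible; a first line of `set -e` in `cmd` would stop a node that is still on the legacy iptables backend from passing as an nftables run.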
@@ -92,3 +92,25 @@
 # in base neutron-functional job as that is being used by neutron
 # stadium projects where they need to use stadium project as working dir.
 zuul_work_dir: src/opendev.org/openstack/neutron
+
+- job:
+ name: neutron-tempest-plugin-scenario-linuxbridge-nftables
+ parent: neutron-tempest-plugin-scenario-linuxbridge
+ pre-run: playbooks/install_nftables.yaml
+ vars:
+ devstack_local_conf:
+ post-config:
+ $NEUTRON_CONF:
+ SECURITYGROUP:
+ enable_ipset: false # Not compatible with nftables
+
+- job:
+ name: neutron-tempest-plugin-scenario-openvswitch-iptables_hybrid-nftables
+ parent: neutron-tempest-plugin-scenario-openvswitch-iptables_hybrid
+ pre-run: playbooks/install_nftables.yaml
+ vars:
+ devstack_local_conf:
+ post-config:
+ $NEUTRON_CONF:
+ SECURITYGROUP:
+ enable_ipset: false # Not compatible with nftables
diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml
index 1dcb7217bbe..cf32743e31c 100644
--- a/zuul.d/project.yaml
+++ b/zuul.d/project.yaml
@@ -107,3 +107,5 @@
 - neutron-ovn-tripleo-ci-centos-8-containers-multinode:
 vars: *consumer_vars
 dependencies: *consumer_deps
+ - neutron-tempest-plugin-scenario-linuxbridge-nftables
+ - neutron-tempest-plugin-scenario-openvswitch-iptables_hybrid-nftables
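Review bot: Neither new job in zuul.d/base.yaml carries a `description:`, so the reason for the variant and for turning ipset off lives only in a trailing comment that is repeated in both stanzas. Suggest adding, for the first job, `description: Linuxbridge scenario job run with the iptables-nft backend; ipset is disabled because it is not compatible with nftables.` and the matching text for the iptables_hybrid job. The two `vars` blocks are identical and could share a YAML anchor within this file, as zuul.d/project.yaml does with `*consumer_vars`.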