[WireGuard] Header / MTU sizes for Wireguard

[Jason A. Donenfeld]

This mailing list post is out of date. Find updated information here.
Hi Jens,

I assume it was you asking in the IRC channel about this same thing
before signing out? Sorry I wasn't there when you were; I only just
now arrived home.

There actually is some optimization potential for you with regards to
the MTU. The overhead of WireGuard breaks down as follows:

- 20 byte IPv4 header or 40 byte IPv6 header
- 8 byte UDP header
- 1 byte type
- 4 byte key index
- 8 byte nonce
- N byte encrypted data
- 16 byte poly1305 authentication tag

So, if you assume 1500 byte ethernet frames, the worst case (IPv6)
winds up being 1500-(40+8+1+4+8+16), leaving N=1423 bytes. However, if
you know ahead of time that you're going to be using IPv4 exclusively,
then you could get away with 1443 bytes.

Hope that helps,
Jason