performance: multiple clients on one interface?

uxDWzco-wg at moenia.de uxDWzco-wg at moenia.de
Tue Oct 5 08:39:14 UTC 2021


hi,

after have various tests run with 1:1 connections we want to expand it
to multiple connects to one system (linux-based).

due the limitations at least in linux wireguard-IFs can't be part of a
bridge-IF, but if we handle all connections with only one
wireguard-interface, we have to use a single udp-port for all connections...

using same port for all connections means, that for receiving encrypted
packets every configured key must be tried, until the right one is
found, or is this wrong?

so: how many connections are reasonable for a single device, without
running in to trouble due to the time trying all the keys?

or is there some internal optimization after have found a match by
filtering possible keys by src-addr/port, so the complete search is only
done at first connection-try?

it would be very helpful, to get some information on it here.

regards

j.


More information about the WireGuard mailing list