hello, one interface = one public key with multiples interfaces we can manage mutliples ip without aliasing, it's more confortable to bind some specific service . statisitiques informations ( bp, error) is more easily to manage with differents interfaces
we are talking about ~ 1000 wireguard interfaces with 500 tunnels (peer) for each . Nicolas 2017-06-14 16:15 GMT+02:00 Jason A. Donenfeld <ja...@zx2c4.com>: > On Wed, Jun 14, 2017 at 3:50 PM, nicolas prochazka > <prochazka.nico...@gmail.com> wrote: >> At this moment, we are using 3000 wg tunnel on a single wireguard >> interface, but now >> we want divide the tunnels by interface and by group of our client, to >> manage qos by wireguard interface, and some other tasks. >> So on in a single interface, it's working well, but test with 3000 >> interface causes some trouble about cpu / load average , performance >> of vm. > > This seems like a bad idea. Everything will be much better if you > continue to use one tunnel. If you want to do QoS or any other type of > management, you can safely do this per-IP, since the allowed IPs > concept gives strong binding between public key and IP address. _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard