> * Unless you want to setup unicast Babel you need an individual port and > tunnel for every Babel connection.
(You mean every Babel neighbour association. Babel is an unconnected protocol.) > Wireguard's secure IP's feature won't allow you to use the peer > discovery broadcast address twice on the same tunnel. Yeah, it makes sense to use point-to-point tunnels only and let Babel do the routing without any interference from Wireguard's routing. > * To dramatically reduce convergence time configure endpoints on both > ends of the tunnel and enable the keepalive feature at an aggressive > sub 10 seconds. That shouldn't make any difference -- Babel should route around the failure after 2 Hellos in a row are lost. (Assuming you don't use link-quality estimation on your tunnels, just RTT estimation.) > End conclusion there is that mips devices struggle a bit with the > encryption but modern ARM devices are very well optimized Yeah. A pity MIPS has been stagnating, it's a nice arch. (But then, Aarch64 looks more like MIPS than ARM.) -- Juliusz _______________________________________________ Babel-users mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/babel-users
