hi, after have various tests run with 1:1 connections we want to expand it to multiple connects to one system (linux-based).
due the limitations at least in linux wireguard-IFs can't be part of a bridge-IF, but if we handle all connections with only one wireguard-interface, we have to use a single udp-port for all connections... using same port for all connections means, that for receiving encrypted packets every configured key must be tried, until the right one is found, or is this wrong? so: how many connections are reasonable for a single device, without running in to trouble due to the time trying all the keys? or is there some internal optimization after have found a match by filtering possible keys by src-addr/port, so the complete search is only done at first connection-try? it would be very helpful, to get some information on it here. regards j.
