← Back to context

Comment by rebewhd

2 days ago

While that's true, I'm not sure it's because of something inherent in IPsec vs WireGuard. It's more likely due to the fact that hardware accelerators have been designed to offload encryption routines that IPsec uses.

One wonders what WG perf would look like if it could leverage the same hardware offload.

4 comments

rebewhd

Reply
iscoelho  2 days ago

Exactly this. I would love to see a commercial product with a hardware implementation for WireGuard, but it does not yet exist. IPsec, however, is well supported.

  • kosolam  1 day ago

    Thanks for your answers. I wonder though, from the perspective of a small user that doesn’t have requirements for such bandwidth, how does ipsec compare with wg on other metrics/features? Is it worth looking into?

    • iscoelho  1 day ago

      I'd use WireGuard in that case. The main reason WireGuard is popular at all is because it is approachable. IPsec is much more complicated and is designed for network engineers, not users.

      1 reply →