[smoochy]

Can someone please explain: I've been using WireGuard via `wg-quick` command in FreeBSD for quite a while now. What does this commit do?

[detaro]

It adds wireguard support to the kernel.

[smoochy]

Okay, but... what difference does it make? Apart from not having to install it manually? Am I missing something?

[RealStickman_]

Wireguard in the kernel is faster than the userspace implementation. You still have to install the tooling.

[ngetchell]

I believe moving wireguard support into the kernel reduces context switching for the app and greatly improves performance.

[kevans91]

It depends on how you were running before -- if you had the wireguard-kmod package, then yes, the only difference is that you don't have to install it manually. If you only had the wireguard-go pkg before, then see the other responses where you'll now be using the kernel implementation instead of userspace.

edit to note: we can't really provide wg-quick in base at the moment (uses bash-isms), so that still ends up needing installed manually if wg(8) isn't sufficient for your needs.

[jessermeyer]

As others have hinted to -- no userspace copies. No context switches. Vroom Vroom.

[rascul]

If I recall correctly, we went through this on Linux in the past. I believe the first wireguard implementations were userspace while the work was being done to get it in the kernel.