[chaxor]

Debacle with wireguard? Opnsense has wireguard easily available. Also, it's just base wireguard, so you don't have to go through any extra steps of trying to understand / trust other additions on top of it, which is very nice IMO.

[circularfoyers]

I'm referring to the kernel implementation of it, unless you weren't. But I think you likely are, considering it is now in the mainline FreeBSD kernel. But this took more than 2 years after it was mainlined into the Linux kernel[1], and the delay was largely was because of what happened regarding it's initial implementation[2]. That's the debacle I'm talking about.

[1]: https://www.phoronix.com/news/FreeBSD-WireGuard-Lands-2022

[2]: https://arstechnica.com/gadgets/2021/03/buffer-overruns-lice...