Hi,
>
>     As the above shows, WG threads are already bound to a particular
>     CPU and this
>     can't be changed.
>
>
> Right, my bad. 

OK. So we have N kernel threads (one per CPU) and one CPU that really
shouldn't do anything but interrupt processing.

That looks like we need an option to limit wireguard to a specific set
of CPUs. That'd be a good option to have in any case, because we don't
want the poor Raspberry Pi (or any other semi-underpowered machine) to
starve everything else when it gets flooded with more wireguard work
than it can handle.

We could then set the network interface's IRQ affinity to one of the
"free" CPUs, and we'd be all set.

-- 
-- mit freundlichen Grüßen
-- 
-- Matthias Urlichs