Wireguard works as a p2p network, and each peer must be on a /32 because it is specifying a single host, not a network. I don’t know how to explain this better or why the protocol was coded this way. But I did run some experiments recently and proved that it must be /32
2 Likes