Aloha,
I would definitvly use Wireguard for encrytion!
some questions come into my mind:
-
What Routing protocol do you want to use?
BGP (together with BFD of course for fast failure detection)
or IGP (OSPF/ISIS)
Im not sure, if ISIS would work over a Wireguard tunnel though, maybe then a GRE tunnel over WG
is needed -
Do you need any-2-any connections or just 1-2 Hubs and multiple sites?
-
What do you mean with SD-WAN term?
For me, that means something different, like to find best path ( f.e. lowest delay) path through differen t WAN links -
Link bundling is for me a more a Layer2 feature, so WIreguard will work across them
(But you need to check th bundling hashing algo )
Cheers
Marcel