By protocol design it incurs a 4%-~50% (1500 byte and 64 byte packets respectively) bandwidth penalty over the internet due to headers. The encryption of the payload is extremely fast though.
I've been trying to setup OpenVPN for ages, and it always eats about 60-80% of the bandwidth. No matter what I try with it, I just cannot get the full speed of my internet connection through the protocol. With Wireguard I haven't noticed any difference. fast.com is as fast with or without WireGuard. I have to say it's the first time in my life I see it working this easily.
EDIT: I'm using it on my Netgear WNDR3800, and my grandmother's Sitecom WLR-4000 (which is a rebranded Sitecom WL-351, which is a rebranded EnGenius ESR9850).
Nothing against vyatta/edgeos but since getting into edge cases requires command line anyway, you can just start there without too much trouble.
(I run a large number of ERs, mostly because you can easily run so much other software on the hardware -- but they're not great devices if you need performance or reliability. "You get what you pay for" absolutely applies.)
Many servers. Can pay with bitcoin. You only get a randomized account number. /128 subnet for IPv6.
A bit less servers. No need to give email. /64 subnet for IPv6.