http://arcani5qce7mhpqnemrmj2mv5dx2qjxnfzw5d3vzuvs5bqlzb65nkbyd.onion/notes/crypto.php
The AllowedIPs attribute limits what traffic can be routed to a peer. wg-quick will automatically create routes to peers based upon each AllowedIPs setting, this can be disabled with Table=off (under the [Interface] section). Other network configuration frontends do not do this by default. Within a WireGuard interface, two endpoints CANNOT share the same network part of an address (AllowedIPs), they must be distinct.