Sorry, I meant scale over number of boxes and services, not so much scale over time. Other people in this thread have given some rationale, but: perf, better baseline crypto (you always know what you’re getting), it’s a real network connection so you can talk to hosts with stuff like ICMP, smaller trusted codebase, more confidence in the underlying protocol...