One more correction: this only affects Debian testing and unstable.
Buster was released with systemd v241, which does not have the
regression. I got confused because I got one of my machines into a
borked state that's halfway between stable and testing, and it
included systemd v242.

> > Posting here for posterity, in case someone else encounters this problem.
> >
> > In systemd v242, networkd has a bug
> > (, in which it ignores
> > the `ListenPort` directive in its config files for wireguard
> > interfaces. The results is that even if you specify ListenPort=51820,
> > when you restart networkd it'll assign a random listening port to the
> > wg interface.
> >
> > This can lead to some frustrating debugging where your VPN
> > mysteriously doesn't come up, and it turns out to be because your
> > wireguard server is listening on entirely the wrong port. You fix it
> > with `wg set wg0 listen-port 51820` after networkd has started.
> >
> > Because of systemd's "no patch releases" release cycle, this seems to
> > have been broken since 11 Apr for any distro using an unmodified v242
> > systemd. I discovered this on Debian Buster (the newest "stable").
> > Looks like the fix was pulled into at least NixOS and Gentoo, not sure
> > about other distros. v243 has the fix, and should be releasing Any
> > Time Now.
> >
> > I'm going to file a Debian bug to request a backport of this patch,
> > since I'm guessing they're not going to be upgrading systemd routinely
> > on the stable track. Hopefully it won't bite too many people though,
> > since networkd isn't the default for network configuration on Buster
> > (I'm just an enthusiastic early adopter).
> >
> > - Dave

