One more correction: this only affects Debian testing and unstable. Buster was released with systemd v241, which does not have the regression. I got confused because I got one of my machines into a borked state that's halfway between stable and testing, and it included systemd v242.
- Dave

On Mon, Sep 2, 2019 at 12:42 PM David Anderson <[email protected]> wrote:
>
> Seems to be known to Debian:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=936198 . I'm not
> super familiar with Debian's development process, but I _think_, from
> that bug + the systemd debian repo's state, that the fix is now
> submitted and pending upload to unstable, after which it should flow
> backwards over time into Buster.
>
> - Dave
>
> On Mon, Sep 2, 2019 at 12:26 PM David Anderson <[email protected]> wrote:
> >
> > Posting here for posterity, in case someone else encounters this problem.
> >
> > In systemd v242, networkd has a bug
> > (https://github.com/systemd/systemd/issues/12377), in which it ignores
> > the `ListenPort` directive in its config files for wireguard
> > interfaces. The result is that even if you specify ListenPort=51820,
> > when you restart networkd it'll assign a random listening port to the
> > wg interface.
> >
> > This can lead to some frustrating debugging where your VPN
> > mysteriously doesn't come up, and it turns out to be because your
> > wireguard server is listening on entirely the wrong port. You fix it
> > with `wg set wg0 listen-port 51820` after networkd has started.
> >
> > Because of systemd's "no patch releases" release cycle, this seems to
> > have been broken since 11 Apr for any distro using an unmodified v242
> > systemd. I discovered this on Debian Buster (the newest "stable").
> > Looks like the fix was pulled into at least NixOS and Gentoo, not sure
> > about other distros. v243 has the fix, and should be releasing Any
> > Time Now.
> >
> > I'm going to file a Debian bug to request a backport of this patch,
> > since I'm guessing they're not going to be upgrading systemd routinely
> > on the stable track. Hopefully it won't bite too many people though,
> > since networkd isn't the default for network configuration on Buster
> > (I'm just an enthusiastic early adopter).
> >
> > - Dave

_______________________________________________
WireGuard mailing list
[email protected]
https://lists.zx2c4.com/mailman/listinfo/wireguard
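
A drift check for the failure described in this thread, added here as an example (not code from the thread, systemd or WireGuard): it reads `ListenPort` from the `[WireGuard]` section of a `.netdev` file and compares it with the port the interface is actually using. The function names, the sample file and the port 40213 are constructed for illustration; on a real host the second argument would come from `wg show wg0 listen-port`.

```shell
#!/bin/sh
# configured_port FILE: print ListenPort from the [WireGuard] section only
# (other sections are ignored); prints nothing if the directive is absent.
configured_port() {
    awk '
        /^[ \t]*\[/ { in_wg = ($0 ~ /^[ \t]*\[WireGuard\][ \t]*$/); next }
        in_wg && /^[ \t]*ListenPort[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); port = $0
        }
        END { if (port != "") print port }
    ' "$1"
}

# check_listen_port FILE LIVE_PORT
#   0 = live port matches the configured one
#   1 = drift (the symptom in this thread: the interface is on another port)
#   2 = no fixed numeric port configured, nothing to compare
check_listen_port() {
    want=$(configured_port "$1")
    case "$want" in
        ''|*[!0-9]*) return 2 ;;
    esac
    [ "$want" = "$2" ] && return 0
    echo "drift: $1 sets ListenPort=$want but the interface listens on $2" >&2
    return 1
}

# Constructed sample config, so the check runs without a WireGuard interface.
write_sample() {
    cat > "$1" <<'EOF'
[NetDev]
Name=wg0
Kind=wireguard

[WireGuard]
ListenPort = 51820

[WireGuardPeer]
AllowedIPs=10.0.0.2/32
EOF
}

sample=$(mktemp)
write_sample "$sample"
for live in 51820 40213; do   # 40213 stands in for a randomly assigned port
    if check_listen_port "$sample" "$live"; then echo "ok: listening on $live"; fi
done
rm -f "$sample"
# Real host (path is an assumption):
#   check_listen_port /etc/systemd/network/wg0.netdev "$(wg show wg0 listen-port)"
```
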
