Wireguard MTU needs to be adjusted based on MTU of route to peer
Wireguard has an overhead of 60 (IPv4) or 80 bytes (IPv6).
Yesterday I was using a public hotspot and NM configured the MTU of the WiFi interface to be 1440.
It also configured the MTU of the wireguard interface to be 1420.
But: 1440 - 1420 = 20 < 60 (not to mention 80)
The MTU of the wireguard interface was too high, so large packets were not making it through the WiFi interface (e.g. SSH connection over wireguard froze once you started an ncurses client or ran apt update).
NetworkManager needs to monitor connectivity and adjust the MTU of the wireguard interface based on the MTU of the route to the wireguard peer, such that it is always 80 bytes lower (for sake of simplicity).
NetworkManager version used: 1.32.12-0ubuntu2