feat: support p2p connect via ipv6

Author: ICKelin

Cargo.lock

@@ -1,6 +1,6 @@
 [package]
 name = "rustun"
-version = "0.1.0"
+version = "0.0.1"
 edition = "2024"
 
 [dependencies]
@@ -24,6 +24,9 @@ ipnet = "2.10"
 clap = { version = "4.5", features = ["derive"] }
 ureq = "2.10"
 
+[dev-dependencies]
+tokio-test = "0.4"
+
 [[bin]]
 name = "server"
 path = "src/cmd/server.rs"

Cargo.toml

@@ -19,6 +19,7 @@ A high-performance VPN tunnel implementation written in Rust.
 - 🔐 **Secure by Default** - AEAD encryption (ChaCha20-Poly1305), perfect forward secrecy, replay protection
 - 🚀 **Simple & Easy** - Minimal configuration, straightforward CLI, quick deployment
 - 🌍 **Cross-Platform** - Native support for Linux, macOS, Windows with pre-built binaries
+- ⚡ **IPv6 P2P Direct Connection** - Automatic peer-to-peer connection with relay fallback for optimal performance
 - 🎯 **Multiple Encryption Options**
   - **ChaCha20-Poly1305** (Default, Recommended)
   - **AES-256-GCM** (Hardware accelerated)
@@ -32,7 +33,6 @@ A high-performance VPN tunnel implementation written in Rust.
 - [Configuration](#configuration)
 - [Usage](#usage)
 - [Build from Source](#build-from-source)
-- [Architecture](#architecture)
 - [Security](#security)
 - [Contributing](#contributing)
 
@@ -72,17 +72,17 @@ Each release includes:
 **Linux/macOS:**
 ```bash
 # Download and extract (example for Linux x86_64)
-wget https://github.com/smartethnet/rustun/releases/download/v1.0.0/rustun-v1.0.0-x86_64-unknown-linux-gnu.tar.gz
-tar xzf rustun-v1.0.0-x86_64-unknown-linux-gnu.tar.gz
-cd rustun-v1.0.0-x86_64-unknown-linux-gnu
+wget https://github.com/smartethnet/rustun/releases/download/0.0.1/rustun-0.0.1-x86_64-unknown-linux-gnu.tar.gz
+tar xzf rustun-0.0.1-x86_64-unknown-linux-gnu.tar.gz
+cd rustun-0.0.1-x86_64-unknown-linux-gnu
 
 # Make binaries executable
 chmod +x server client
 ```
 
 **Windows:**
 ```powershell
-# 1. Download rustun-v1.0.0-x86_64-pc-windows-msvc.zip from releases
+# 1. Download rustun-0.0.1-x86_64-pc-windows-msvc.zip from releases
 # 2. Extract to a directory
 # 3. Download Wintun from https://www.wintun.net/
 # 4. Extract wintun.dll to the same directory as client.exe
@@ -234,6 +234,10 @@ Options:
           Encryption method: plain, aes256:<key>, chacha20:<key>, or xor:<key>
           [default: chacha20:rustun]
 
+      --enable-p2p
+          Enable P2P direct connection via IPv6
+          (disabled by default, uses relay only)
+
       --keepalive-interval <KEEPALIVE_INTERVAL>
           Keep-alive interval in seconds
           [default: 10]
@@ -265,6 +269,33 @@ Options:
 ./client -s SERVER:8080 -i client-001 -c plain
 ```
 
+### P2P Direct Connection
+
+By default, all traffic goes through the relay server. Enable P2P for direct IPv6 connections between clients:
+
+```bash
+# Enable P2P direct connection
+./client -s SERVER:8080 -i client-001 --enable-p2p
+```
+
+**P2P Benefits:**
+- 🚀 Lower latency (direct peer-to-peer)
+- 📉 Reduced server bandwidth usage
+- ⚡ Automatic fallback to relay if P2P fails
+
+**Requirements:**
+- Both clients must have IPv6 connectivity
+- Both clients must use `--enable-p2p` flag
+- UDP port 51258 must be accessible
+
+**How it works:**
+1. Clients exchange IPv6 addresses via server
+2. Keepalive packets establish direct connection
+3. Data sent via P2P when connection is active
+4. Automatic fallback to relay if P2P fails
+
+For more details, see [P2P Usage Guide](./docs/P2P_USAGE.md).
+
 ### Example: Multi-Tenant Setup
 
 #### Scenario: Two Offices (Beijing & Shanghai)
@@ -313,50 +344,6 @@ ping 10.0.2.2  # From sh-office-gw to sh-db-server
 # Beijing cannot reach Shanghai and vice versa
 ```
 
-## 🏗️ Architecture
-
-### Network Topology
-
-```
-┌─────────────┐         ┌─────────────┐         ┌─────────────┐
-│  Client A   │◄───────►│   Server    │◄───────►│  Client B   │
-│  (Beijing)  │         │  (Central)  │         │  (Shanghai) │
-└─────────────┘         └─────────────┘         └─────────────┘
-      │                                                 │
-      │ Virtual IP: 10.0.1.1                Virtual IP: 10.0.2.1
-      │                                                 │
-   ┌──▼──────────────┐                      ┌───────────▼──────┐
-   │ LAN: 192.168.1.0│                      │ LAN: 192.168.10.0│
-   └─────────────────┘                      └──────────────────┘
-```
-
-### Components
-
-- **Server**: Central relay handling all client connections
-- **Client**: Edge node connecting to the server
-- **TUN Device**: Virtual network interface for packet tunneling
-- **Crypto Layer**: Encryption/decryption of all traffic
-- **Route Manager**: Dynamic routing table management
-
-### Frame Protocol
-
-```
-Frame Header (8 bytes):
-┌──────────────┬─────────┬──────┬─────────────────┐
-│ Magic (4B)   │ Ver (1B)│ Type │  Payload Len    │
-│ 0x91929394   │  0x01   │ (1B) │     (2B)        │
-└──────────────┴─────────┴──────┴─────────────────┘
-                                  │
-                                  ▼
-                          Encrypted Payload
-```
-
-**Frame Types:**
-- `0x01`: Handshake (client authentication)
-- `0x02`: KeepAlive (connection health check)
-- `0x03`: Data (tunneled IP packets)
-- `0x04`: HandshakeReply (server configuration response)
-
 ## 🔒 Security
 
 ### Encryption Algorithms
@@ -446,18 +433,16 @@ For cross-platform builds, see [BUILD.md](BUILD.md) for detailed instructions.
 
 ## 🗺️ Roadmap
 
-- [ ] IPv6 support
-- [ ] P2P direct connection
+- [x] **IPv6 support** - ✅ Completed
+- [x] **P2P direct connection** - ✅ Completed (IPv6 P2P with auto fallback)
 - [ ] Windows service support
 - [ ] systemd integration for Linux
 - [ ] Web-based management dashboard
 - [ ] Dynamic route updates without restart
-- [ ] UDP transport support
 - [ ] QUIC protocol support
 - [ ] Mobile clients (iOS/Android)
 - [ ] Docker container images
 - [ ] Kubernetes operator
-- [ ] Pre-built binary releases
 - [ ] Auto-update mechanism
 
 ## 📦 Download

README.md

@@ -19,6 +19,7 @@ Rust 编写的高性能 VPN 隧道，用于实现设备互联，异地组网。
 - 🔐 **默认安全** - AEAD 加密（ChaCha20-Poly1305）、完美前向保密、重放保护
 - 🚀 **简单易用** - 最小化配置、简洁的命令行、快速部署
 - 🌍 **跨平台** - 原生支持 Linux、macOS、Windows，提供预编译二进制文件
+- ⚡ **IPv6 P2P 直连** - 自动点对点连接，中继降级，性能最优
 - 🎯 **多种加密选项**
   - **ChaCha20-Poly1305** (默认，推荐)
   - **AES-256-GCM** (硬件加速)
@@ -32,7 +33,6 @@ Rust 编写的高性能 VPN 隧道，用于实现设备互联，异地组网。
 - [配置](#配置)
 - [使用说明](#使用说明)
 - [从源码构建](#从源码构建)
-- [架构](#架构)
 - [安全性](#安全性)
 - [贡献](#贡献)
 
@@ -234,6 +234,10 @@ Rustun VPN Client
           加密方式: plain, aes256:<key>, chacha20:<key>, 或 xor:<key>
           [默认: chacha20:rustun]
 
+      --enable-p2p
+          启用 P2P IPv6 直连
+          (默认禁用，仅使用中继)
+
       --keepalive-interval <KEEPALIVE_INTERVAL>
           保活间隔（秒）
           [默认: 10]
@@ -265,6 +269,33 @@ Rustun VPN Client
 ./client -s SERVER:8080 -i client-001 -c plain
 ```
 
+### P2P 直连
+
+默认情况下，所有流量都通过中继服务器。启用 P2P 可实现客户端之间的 IPv6 直连：
+
+```bash
+# 启用 P2P 直连
+./client -s SERVER:8080 -i client-001 --enable-p2p
+```
+
+**P2P 优势：**
+- 🚀 更低延迟（点对点直连）
+- 📉 减少服务器带宽消耗
+- ⚡ P2P 失败时自动降级到中继
+
+**要求：**
+- 双方客户端都需要 IPv6 连接
+- 双方客户端都需要使用 `--enable-p2p` 标志
+- UDP 端口 51258 需要可访问
+
+**工作原理：**
+1. 客户端通过服务器交换 IPv6 地址
+2. Keepalive 数据包建立直连
+3. 连接激活时通过 P2P 发送数据
+4. P2P 失败时自动降级到中继
+
+更多详情，请参阅 [P2P 使用指南](../docs/P2P_USAGE.md)。
+
 ### 示例：多租户设置
 
 #### 场景：两个办公室（北京和上海）
@@ -431,18 +462,16 @@ cargo build --release
 
 ## 🗺️ 路线图
 
-- [ ] IPv6 支持
-- [ ] P2P 直连
+- [x] **IPv6 支持** - ✅ 已完成
+- [x] **P2P 直连** - ✅ 已完成（IPv6 P2P 带自动降级）
 - [ ] Windows 服务支持
 - [ ] Linux systemd 集成
 - [ ] 基于 Web 的管理面板
 - [ ] 无需重启的动态路由更新
-- [ ] UDP 传输支持
 - [ ] QUIC 协议支持
 - [ ] 移动客户端（iOS/Android）
 - [ ] Docker 容器镜像
 - [ ] Kubernetes operator
-- [ ] 预编译二进制发布
 - [ ] 自动更新机制
 
 ## 📦 下载