2 min readJust now

–

The hell of NAT in P2P

Most P2P stacks spend half their life punching holes through consumer-grade routers. Each extra STUN/TURN hop adds latency, fragility, and operational cost. Connection symmetry breaks, peers get stranded behind carrier-grade NAT, and deployments inherit a pile of NAT-specific edge cases that have nothing to do with the application.

Why IPv6 changes the game

IPv6 restores globally routable addresses to every node, letting peers connect without contortions. With stable, abundant addressing, P2P can rely on direct paths again, simplify signaling, and cut out TURN relays. It also opens room for simpler security and connection models — no more brittle state machines that only exist to appease NATs.

Design decisions (QUIC, crypto, ratchet)

QUIC transport: modern congestion control, stream multiplexing, and 0-RTT where appropriate; easier path to production than bespoke UDP. Crypto defaults: AEAD for payloads, X25519 for key agreement, and a minimal handshake to bind identities. Ratcheting: per-session chain keys to deliver forward secrecy and limit blast radius if a key leaks. Transfer pipeline: chunking + Merkle trees to verify content quickly and support erasure coding for lossy paths.

What I6P is not (not a torrent client)

I6P is a transport substrate, not a feature-complete file-sharing app. No DHT, no piece selection logic, no swarm incentives. It’s meant to be embedded beneath your own discovery, routing, or application protocols.

How to integrate in other projects

Treat I6P as the secure, QUIC-based pipe; keep your own app protocol on top of its streams. Identity stays yours: you bind your peer IDs to I6P sessions and reuse existing PKI or Web-of-Trust schemes. The transfer layer is optional; you can opt into chunking/merkle verification for integrity, or just use raw streams.

Press enter or click to view image in full size

Network topology image

GitHub: https://github.com/TheusHen/I6P