feat: support allocating public IPv6 addresses from a provider

Add a provider/leaser architecture for public IPv6 address allocation
between nodes in the same network:

- A node with `--ipv6-public-addr-provider` advertises a delegable
  public IPv6 prefix (auto-detected from kernel routes or manually
  configured via `--ipv6-public-addr-prefix`).
- Other nodes with `--ipv6-public-addr-auto` request a /128 lease from
  the selected provider via a new RPC service (PublicIpv6AddrRpc).
- Leases have a 30s TTL, renewed every 10s by the client routine.
- The provider allocates addresses deterministically from its prefix
  using instance-UUID-based hashing to prefer stable assignments.
- Routes to peer leases are installed on the TUN device, and each
  client's own /128 is assigned as its IPv6 address.

Also includes netlink IPv6 route table inspection, integration tests,
and event-driven route/address reconciliation.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

easytier/src/peers/route_trait.rs

@@ -1,3 +1,4 @@
+use cidr::Ipv6Inet;
 use cidr::{Ipv4Cidr, Ipv6Cidr};
 use dashmap::DashMap;
 use std::{
@@ -93,6 +94,14 @@ pub trait Route {
     // TODO: rewrite route management, remove this
     async fn list_proxy_cidrs_v6(&self) -> BTreeSet<Ipv6Cidr>;
 
+    async fn list_public_ipv6_routes(&self) -> BTreeSet<Ipv6Inet> {
+        BTreeSet::new()
+    }
+
+    async fn get_my_public_ipv6_addr(&self) -> Option<Ipv6Inet> {
+        None
+    }
+
     async fn get_peer_id_by_ipv4(&self, _ipv4: &Ipv4Addr) -> Option<PeerId> {
         None
     }
@@ -194,6 +203,14 @@ impl Route for MockRoute {
         unimplemented!()
     }
 
+    async fn list_public_ipv6_routes(&self) -> BTreeSet<Ipv6Inet> {
+        unimplemented!()
+    }
+
+    async fn get_my_public_ipv6_addr(&self) -> Option<Ipv6Inet> {
+        panic!("mock route")
+    }
+
     async fn get_peer_info(&self, _peer_id: PeerId) -> Option<RoutePeerInfo> {
         panic!("mock route")
     }