Words taken from RE-TURN RTCWEB draft
- TURN [RFC 5766] is a protocol used to provide connectivity between users behind NAT or to obscure the identity of the participants by concealing their IP addresses.
- The TURN server typically sits in the public internet.
- The problem is that many enterprises do not permit direct UDP transmissions between clients on their internal networks and external IP addresses. Using TURN-TCP or TURN-TLS for media is not ideal because of latency.
- In the current WebRTC implementations, TURN can only be used on a single-hop basis.
- Using only the enterprise’s TURN server reveals user information, which means less security.
- Using only the application’s TURN server may be blocked by the network administrator or may require using TURN-TCP or TURN-TLS, which means less connectivity.
- For security and connectivity, Recursively Encapsulated TURN (Re-TURN) is introduced. Multiple TURN servers are used to route the traffic.
- The browser allocates a port on the border TURN server (TURN proxy) and runs STUN and TURN over this allocation, so TURN is recursively encapsulated.
- Only the browser needs to implement Re-TURN; the TURN proxy and the application TURN server do not.
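The encapsulation step above, shown at the byte level as an added example (not code from the draft): an inner TURN Allocate request for the application TURN server is carried in the DATA attribute of a Send indication addressed to the TURN proxy. It assumes the allocation and permission on the proxy already exist and that a Send indication is the carrier; the address 198.51.100.7:3478 and all function names are constructed for illustration.

```python
import ipaddress, os, struct

MAGIC = 0x2112A442                      # STUN magic cookie (RFC 5389)
ALLOCATE_REQUEST, SEND_INDICATION = 0x0003, 0x0016
XOR_PEER_ADDRESS, DATA, REQUESTED_TRANSPORT = 0x0012, 0x0013, 0x0019

def attr(atype, value):
    """TLV attribute, value padded to a 4-byte boundary."""
    pad = -len(value) % 4
    return struct.pack("!HH", atype, len(value)) + value + b"\x00" * pad

def stun(mtype, attrs, txid=None):
    """20-byte STUN header followed by the attributes."""
    body = b"".join(attrs)
    txid = txid or os.urandom(12)
    return struct.pack("!HHI", mtype, len(body), MAGIC) + txid + body

def xor_peer(ip, port):
    """XOR-PEER-ADDRESS for IPv4: port and address XORed with the cookie."""
    addr = int(ipaddress.IPv4Address(ip)) ^ MAGIC
    return attr(XOR_PEER_ADDRESS, struct.pack("!BBHI", 0, 1, port ^ (MAGIC >> 16), addr))

def parse(msg):
    """Return (type, {attr_type: value}) for one STUN/TURN message."""
    mtype, length, cookie = struct.unpack("!HHI", msg[:8])
    if cookie != MAGIC or length != len(msg) - 20:
        raise ValueError("not a well-formed STUN message")
    attrs, off = {}, 20
    while off < len(msg):
        atype, alen = struct.unpack("!HH", msg[off:off + 4])
        attrs[atype] = msg[off + 4:off + 4 + alen]
        off += 4 + alen + (-alen % 4)   # skip value and its padding
    return mtype, attrs

def decode_peer(value):
    """Undo the XOR encoding of an IPv4 XOR-PEER-ADDRESS value."""
    _, _, xport, xaddr = struct.unpack("!BBHI", value)
    return str(ipaddress.IPv4Address(xaddr ^ MAGIC)), xport ^ (MAGIC >> 16)

def wrap_for_proxy(inner, app_turn_ip, app_turn_port):
    """Outer layer: Send indication to the TURN proxy, peer = application TURN server."""
    return stun(SEND_INDICATION, [xor_peer(app_turn_ip, app_turn_port), attr(DATA, inner)])

# Constructed sample: inner Allocate (UDP, protocol 17) wrapped for the proxy.
inner = stun(ALLOCATE_REQUEST, [attr(REQUESTED_TRANSPORT, bytes([17, 0, 0, 0]))])
outer = wrap_for_proxy(inner, "198.51.100.7", 3478)
```

Each layer of Send-indication encapsulation adds 36 bytes here (20-byte header, 12-byte XOR-PEER-ADDRESS, 4-byte DATA attribute header), which matters when sizing media packets against the path MTU.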