Traversal Using Relay NAT (TURN) is a protocol that allows a host behind a NAT or firewall to receive incoming data through TCP or UDP connections. This feature is especially relevant for hosts behind symmetric NATs, or firewalls that are going to become the host in connection with one particular host (peer).
TURN does not provide for the operation of a server located behind NAT (which implies multiple client connections at arbitrary moments), it only supports connecting a single client to one incoming port (for example, with IP-telephony ).
In this regard, it retains the security functions provided by symmetric NAT and firewalls , but changes the translation tables so that the node on the inside can become the receiving side of the connection.
The TURN protocol is described in RFC 5766 , the TURN update for IPv6 support is described in RFC 6156 . The URI scheme for TURN is documented in RFC 7065 .
Introduction
NAT, providing many advantages, also contains many disadvantages. The most unpleasant of these shortcomings is that they violate many existing IP applications and also make it difficult to deploy new ones. Recommendations have been developed that describe how to develop NAT-friendly protocols, but many protocols simply cannot be built in accordance with these recommendations. Multimedia applications and file sharing are examples of such protocols.
Session Traversal Utilities for NAT ( STUN ) provides one means for traversing NAT. STUN allows the client to obtain a transport address (IP address and port), which can be useful for receiving packets from peers. However, addresses received via STUN cannot be accessed by all peers. These addresses work depending on the network topology. Thus, STUN alone cannot provide a complete NAT traversal solution.
The complete solution requires the means by which the client could receive a transport address to which he could receive a data stream from any peer who can transmit data packets to the public Internet. This can only be achieved by relaying data through a server that is located on the public Internet. This specification describes Traversal Using Relay NAT (TURN), a protocol that allows a client to obtain IP addresses and ports from such peers.
Although TURN will almost always provide a connection to the client, it creates a large load on the TURN server provider. Therefore, it is recommended to use TURN only as a last resort, preferring other mechanisms (for example, STUN or direct connection) when possible. To achieve this, the Interactive Connectivity Establishment (ICE) methodology can be used to find the best means of communication.