with all this STUN/TURN Server stuff, i am wondering about the network connections/architecture how connections are really be done, when running my own jitsi server instance.
So in the scenario, where users are behind a NAT Router at home (where all ports for outgoing connections are allowed) and a jitsi server in the internet with ports 80, 443 and 10000 are opened.
Normally these home routers allows everthings outgoing, but allow only connections back from an ip to which the inital packet was send and to the port the NAT Router used(Stateful Firewall)
Are there any direct connections between the users of a meeting or are all users connecting to the jitsi server and videobridge and they both are sending the pakets from the server forwards and backwards to the users?
So why are STUN Server are needed, if every users behind a NAT can connect to jitsi server first and receives pakets back from it.
A TURN Server is only needed if outgoing ports to e.g 10000 are blocked, thats what i understand.
But in my scenario the jitsi server itself acts like an kind of TURN Server?
Since all users are connecting to it and receives the data from all other users back through jitsi and videobridge?
So by default there is no external TURN Server needed or is there any configured anywhere?
Hopefully i was able to explain my question good enough. If not please ask for some point. I really need to understand for privacy reasons in which scenario, data are transfered to