DOUBLE NAT breask WebRTC STUN connections

Up until a week or so ago, it was possible to connect a webrtc peer running within a gitpod instance to a local browser based webrtc peer.

The peerfetch project hello world example demo worked fine.

It appears that in the last few days, a DOUBLE NAT firewall scheme was introduced in the gitpod infrastructure which now prevents direct connections via STUN and requires TURN intermediary, which adds complexity and costs.

Is there a way to switch back to a more common NAT firewall scheme that’s used in 80% of private networks. I don’t know of any clear security benefits that double nat adds, but it does add a number of complications for networking apps.

Thank you!