Can anyone explain to a novice C programmer what this means / how this works? I get that it is a security feature and any security feature is good in my book. Is it some kind of page guard electric fence kind of structure?

There is a good summary available at https://lwn.net/Articles/810077/

Thank you kind Internet stranger so to me it sounds like an enhanced version of "write xor execute" but where we limit the number of return addresses of a function to only those allowed to be called which as the paper said for most is fewer than 10, but a whole 7% that is 100 or more.

On the one hand, better forward edge CFI and fewer improper function pointer casts are good.
On the other hand, that's still significantly technically inferior to CFI containing forward edge + backwards edge + probabilistic defenses, which PaX RAP has been providing under the GPL for 7 years by now, i.e. since before PaX+grsecurity went commercial-only (*)
https://pax.grsecurity.net/docs/PaXT...AP-RIP-ROP.pdf
​https://grsecurity.net/rap_faq

*: thereby enabling their producers to start making a living from PaX+grsecurity, which they couldn't do in 17 years offering the software for public download at no cost in donation-only mode, then recruit additional security researchers to further improve defenses and find more security issues in software and hardware, then additionally sponsor work on FLOSS useful to the general public such as the GCC Rust front-end.
Not all parts of RAP are available from the latest GPL PaX & grsecurity patches publicly distributed by their makers; newer GPL patches can be different.