If it weren’t for wide-area networks (WAN) it wouldn’t be possible to telecommute, to create unified networks for organizations with far-flung locations, or to do online anything. But WANs do exist and have for decades, constantly evolving to carry more and more traffic faster as demands increase and technology becomes more powerful.
What is a WAN?
A WAN is a network that uses various links—private lines, Multiprotocol Label Switching (MPLS), virtual private networks (VPNs), wireless (cellular), the Internet—to connect smaller metropolitan and campus networks in diverse locations into a single, distributed network. The sites they connect could be a few miles apart or halfway around the globe. In an enterprise, the purposes of a WAN could include connecting branch offices or even individual remote workers with headquarters or the data center in order to share corporate resources and communications.
WANs vs. LANs: What’s the difference?
A WAN is often contrasted with a local area network or LAN. LANs are networks generally limited to a single building or small campus. They’re private to a single organization or even person and can be created with relatively inexpensive equipment. Your home Wi-Fi network is a LAN.
The technologies and protocols that make LANs easy to set up don’t scale beyond a certain limited distance or to truly massive numbers of endpoints. Dealing with those scales is the purpose of a WAN: connecting one or more LANs. The networking technologies and protocols WANs use to transmit information are different from those used within LANs.
The Internet is, strictly speaking, a WAN. However, when we talk about WANs, we usually mean private or semi-private networks combining far-flung LANs. Branch offices in different cities might share private internal corporate resources over a WAN, for instance.
While LANs are usually maintained by an organization’s own IT staff, WANs are often at least in part reliant on physical connections provided by telecommunications carriers. Decisions on what kind of connections or communications protocols to use and how to deploy them will guide the creation of your WAN architecture.
Let’s start with WAN protocols—the rule sets that define network communication over a WAN. One of the earliest protocols used to deliver WAN traffic is X.25, which uses packet-switching exchanges (PSE) for the hardware that drops traffic onto the wires connecting sites. X.25 delivers standard-sized packets in order and includes error correction. The physical links include leased lines, dialup telephone services or Integrated Services Digital Network (ISDN) connections. It’s not used much anymore.
Frame relay is a successor to X.25. Frame relay cuts data into different-sized frames and leaves error correction and retransmission of missing packets up to the endpoints. These differences speed up the overall data rate. In addition, frame relay relies less on dedicated connections to create meshed networks, meaning fewer physical circuits, hence saving companies money. Frame relay, while once extremely popular, has become less so.
Asynchronous Transfer Mode (ATM) is similar to frame relay with one big difference: data is broken into standard-sized packets called cells. Cells make it possible to blend different classes of traffic onto a single physical circuit and more readily guarantee qualities of service. The downside of ATM is that because it uses relatively small cells, the headers eat up a relatively large percentage of the total contents of transmissions. Therefore, ATM’s overall use of bandwidth is less efficient than that of frame relay. ATM also has fallen out of favor with business customers.
Today, Multiprotocol Label Switching (MPLS) is used to carry much corporate data across WAN links. Within an MPLS network, brief header segments called labels allow MPLS routers to decide quickly where to forward packets and to treat them with the class of service indicated by the labels. This makes it possible to run different protocols within MPLS packets while giving different applications appropriate priority as traffic travels between sites.
Internet Protocol (IP), which became more ubiquitous in the 1990s, is one protocol commonly carried within MPLS.
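The label format described above, as an added example that is not from the original article: a parser for the 32-bit MPLS label stack entry (layout per RFC 3032), useful when inspecting captured WAN traffic. The sample bytes and helper names are constructed for illustration.

```python
import struct
from typing import NamedTuple

class LabelEntry(NamedTuple):
    label: int          # 20-bit forwarding label
    traffic_class: int  # 3-bit class-of-service field
    bottom: bool        # S bit: set on the last entry of the stack
    ttl: int            # 8-bit time to live

def parse_label_stack(data: bytes, max_depth: int = 16):
    """Return (entries, payload) for the bytes that follow the link-layer header."""
    entries, offset = [], 0
    while True:
        if len(entries) >= max_depth:
            raise ValueError("label stack deeper than max_depth")
        if offset + 4 > len(data):
            raise ValueError("truncated label stack: no bottom-of-stack entry")
        (word,) = struct.unpack_from("!I", data, offset)
        offset += 4
        entry = LabelEntry(word >> 12, (word >> 9) & 0x7,
                           bool((word >> 8) & 0x1), word & 0xFF)
        entries.append(entry)
        if entry.bottom:
            return entries, data[offset:]

def payload_guess(payload: bytes) -> str:
    """A label entry has no protocol field; the first nibble is the usual heuristic."""
    if not payload:
        return "empty"
    return {4: "IPv4", 6: "IPv6"}.get(payload[0] >> 4, "unknown")

def make_entry(label: int, tc: int, bottom: bool, ttl: int) -> bytes:
    """Helper (hypothetical name) that builds one entry for the sample below."""
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

# Constructed sample: two labels followed by the first bytes of an IPv4 header.
SAMPLE = (make_entry(16001, 5, False, 64) + make_entry(24, 0, True, 64)
          + bytes.fromhex("45000054"))

if __name__ == "__main__":
    stack, payload = parse_label_stack(SAMPLE)
    for entry in stack:
        print(entry)
    print("payload looks like", payload_guess(payload))
```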
Types of WAN connections
All these protocols operate over different kinds of network connections. Initially, WANs were built with meshed webs of private lines bought from telecommunications carriers, but WAN architectures have advanced to include packet-switched services such as frame relay and ATM as well as MPLS. With these services, a single connection to a site can be connected to many others via switching within service-provider networks. These types of connections provide direct and largely private means of communication for your various LANs. That gets you speed and security—but it isn’t cheap. For certain types of traffic, the Internet can also be woven into the mix to provide less expensive WAN connections.
What is tunneling? What is a VPN?
WAN connections that operate over the Internet or some other public network generally use a technique known as tunneling. In a tunneled connection, the private-network data and protocol information are encrypted and encapsulated in IP packets that are routed over the open internet. When those packets arrive at the destination LAN, the IP headers are stripped away, the payload is decrypted and private-networking features come back into play. From the perspective of the LAN users at either end, the packets behave as if they’re travelling over a private WAN. The name for the technique comes from the metaphorical tunnel that the private packets travel through.
The most common tunnel is the virtual private network (VPN). VPN connections encrypt data in order to keep it private as it travels over public networks. VPNs are frequently used to allow home office workers to connect to private corporate WANs. A VPN user’s Internet traffic is routed through the WAN network they’re connected to, which can give them an IP address that doesn’t reflect their real physical location; this makes VPNs a favored tool for streaming content that may be restricted by geography.
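The encapsulate-and-strip sequence described above, as an added example that is not from the original article. It assumes a simplified 16-byte outer header and uses a standard-library stand-in cipher; the keys, addresses and inner packet are constructed, and the function and class names are hypothetical.

```python
import hashlib, hmac, ipaddress, struct

TAG_LEN, HDR_LEN = 32, 16   # HMAC-SHA256 tag; outer src(4) + dst(4) + sequence(8)

def _keystream(key, seq, n):
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode, stdlib only.
    # Production tunnels use an AEAD such as AES-GCM or ChaCha20-Poly1305.
    out, block = b"", 0
    while len(out) < n:
        out += hmac.new(key, struct.pack("!QI", seq, block), hashlib.sha256).digest()
        block += 1
    return out[:n]

def _xor(data, key, seq):
    return bytes(a ^ b for a, b in zip(data, _keystream(key, seq, len(data))))

def encapsulate(inner, seq, enc_key, mac_key, outer_src, outer_dst):
    """Encrypt the private packet, then wrap it in a cleartext outer header."""
    header = (ipaddress.IPv4Address(outer_src).packed
              + ipaddress.IPv4Address(outer_dst).packed + struct.pack("!Q", seq))
    body = _xor(inner, enc_key, seq)
    tag = hmac.new(mac_key, header + body, hashlib.sha256).digest()
    return header + body + tag

class TunnelEndpoint:
    """Receiving gateway: authenticate, reject replays, then decrypt."""
    def __init__(self, enc_key, mac_key):
        self.enc_key, self.mac_key, self.last_seq = enc_key, mac_key, 0

    def decapsulate(self, packet):
        if len(packet) < HDR_LEN + TAG_LEN:
            raise ValueError("short packet")
        header, body, tag = packet[:HDR_LEN], packet[HDR_LEN:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.mac_key, header + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("authentication failed")
        (seq,) = struct.unpack("!Q", header[8:])
        if seq <= self.last_seq:   # real IPsec uses a sliding window instead
            raise ValueError("replayed packet")
        self.last_seq = seq
        return _xor(body, self.enc_key, seq)   # outer header stripped, payload decrypted

# Constructed sample values: demo keys, RFC 5737 documentation addresses, fake inner packet.
ENC_KEY = hashlib.sha256(b"demo encryption key").digest()
MAC_KEY = hashlib.sha256(b"demo integrity key").digest()
INNER = b"10.1.0.5>10.2.0.9 payroll-db query"
PACKET = encapsulate(INNER, 1, ENC_KEY, MAC_KEY, "198.51.100.10", "203.0.113.20")
```

Only the gateway addresses and the sequence number are readable on the public path; a modified or re-sent packet is rejected before any decryption happens.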
WANs today may use multiple types of connections and protocols simultaneously, which obviously adds many layers of complexity.
As a result, the use of software-defined technology to manage WANs is gaining momentum. Software-defined WAN (SD-WAN) takes software-defined concepts, especially the decoupling of the control plane from the data plane, and brings them to the WAN.
SD-WAN uses software to monitor the performance of a mix of WAN connections—MPLS, dedicated circuits, the Internet—and to choose the most appropriate connection for each traffic type. So teleconferencing might run over a dedicated circuit, but email might use the internet. In making its decisions, SD-WAN software takes into account how well each link is performing at the moment, the cost of each connection and the needs of each application.
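The per-application link choice described above, as an added example that is not from the original article or any vendor's product. The selection rule (cheapest live link that meets the application's thresholds, otherwise the best-performing live link) is an assumption, and every link measurement, cost and threshold is constructed.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class Link:
    name: str
    latency_ms: float    # current measured latency
    loss_pct: float      # current measured packet loss
    cost_per_gb: float   # relative cost of sending traffic on this link
    up: bool = True

@dataclass
class AppPolicy:
    name: str
    max_latency_ms: float
    max_loss_pct: float

def choose_link(policy: AppPolicy, links: List[Link]) -> Optional[Link]:
    """Pick the cheapest live link that meets the application's needs."""
    live = [l for l in links if l.up]
    if not live:
        return None
    meets = [l for l in live
             if l.latency_ms <= policy.max_latency_ms
             and l.loss_pct <= policy.max_loss_pct]
    if meets:
        return min(meets, key=lambda l: (l.cost_per_gb, l.latency_ms))
    # Nothing meets the thresholds: degrade to the best-performing live link.
    return min(live, key=lambda l: (l.loss_pct, l.latency_ms))

# Constructed measurements for three links at one point in time.
LINKS = [
    Link("mpls", latency_ms=20, loss_pct=0.1, cost_per_gb=8.0),
    Link("broadband", latency_ms=45, loss_pct=1.5, cost_per_gb=0.5),
    Link("lte", latency_ms=80, loss_pct=2.0, cost_per_gb=4.0),
]
TELECONFERENCING = AppPolicy("teleconferencing", max_latency_ms=100, max_loss_pct=0.5)
EMAIL = AppPolicy("email", max_latency_ms=500, max_loss_pct=5.0)

if __name__ == "__main__":
    for policy in (TELECONFERENCING, EMAIL):
        print(policy.name, "->", choose_link(policy, LINKS).name)
```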
Initially SD-WAN aimed at creating hybrid WANs and using policies to mix MPLS and internet connections in order to improve efficiency and lower costs. The next phase will improve management and monitoring and provide better security, according to Lee Doyle of Doyle Research. SD-WAN connections proved invaluable as office workers scattered to their homes during the 2020 coronavirus pandemic, and the market is expected to increase by 168% by 2024, according to the Dell’Oro Group.
A subset of SD-WAN called SD-Branch is helping reduce the need for hardware within branch offices. Offerings from big vendors including Aruba and Juniper can replace many physical devices with software running on off-the-shelf servers. Mobile backup across an SD-WAN can provide a failover for broadband connections as wireless WAN technology (4G, LTE, 5G, etc.) costs decrease.
WAN management and optimization
Because data transmission is still reliant on the rules of physics, the greater the distance between two devices, the longer it will take for data to travel between them. The greater the distance, the greater the delay. Network congestion and dropped packets can also introduce performance problems.
Some of this can be addressed using WAN optimization, which makes data transmissions more efficient. This is important because WAN links can be expensive, so technologies have sprung up that reduce the amount of traffic crossing WAN links and ensure that it arrives efficiently. These optimization methods include abbreviating redundant data (known as deduplication), compression, and caching (putting frequently used data closer to the end user).
Traffic can be shaped to give time-sensitive applications such as VoIP a higher priority over other, less urgent traffic such as email, which in turn helps improve the overall WAN performance. This can be formalized into quality-of-service settings that define classes of traffic by the priority each class receives relative to others, the type of WAN connection that each traffic type will travel, and the bandwidth that each receives.
Once a separate category, WAN optimization is being absorbed by SD-WAN.
History of WANs
WANs have been around since the early days of computing networks. WANs were originally based on circuit-switched telephone lines and modems, but connectivity options now also include leased lines, wireless, MPLS, broadband internet, and satellite.
As technologies changed, so did transmission rates. The early days of 2400bps modems evolved to 40Gbps and 100Gbps connectivity today. These speed increases have allowed more devices to connect to networks, enabling the explosion of connected computers, phones, tablets and smaller Internet of Things devices.
In addition, speed improvements have allowed applications to utilize larger amounts of bandwidth that can travel across WANs at super-high speed. This has allowed enterprises to implement applications such as videoconferencing and large-file data backup. Nobody would have considered conducting a videoconference across a 28kbps modem, but now workers can sit at home and participate in global company meetings via video.
Many WAN links are supplied via carrier services in which customers’ traffic rides over facilities shared by other customers. Customers can also buy dedicated links that nail up circuits point-to-point and are used for just one customer’s traffic. These are typically used for top-priority or delay-sensitive applications that have high-bandwidth needs such as videoconferencing.
Traffic between WAN sites may be protected by virtual private networks (VPN) that overlay security on the underlying physical network, including authentication, encryption, confidentiality and non-repudiation. In general, security is a crucial part of any WAN rollout, because a WAN connection represents a potential vulnerability that an attacker could use to gain access to a private network.
For instance, a branch office without a full-time infosec staffer might be lax in its cybersecurity practices. As a result, a hacker who breached the network at the branch could go on to access the main corporate WAN, including valuable assets that would have been otherwise impregnable. In addition to networking features, many SD-WAN offerings provide security services as well, which need to be kept top of mind during deployment.
WAN technologies aren’t just limited to Earth. NASA and other space agencies are working to create a reliable “interplanetary internet,” which aims to transmit test messages between the International Space Station and ground stations. The Disruption Tolerant Networking (DTN) program is the first step in providing an Internet-like structure for communications between space-based devices, including communicating between the Earth and Moon, or other planets. But barring any dramatic breakthroughs in physics, network speeds would likely top out at the speed of light.
Copyright © 2020 IDG Communications, Inc.