Wide Area Networks (WANs) provide links between devices that are separated by large geographic distances. These links are generally carried over equipment belonging to one or more other organisations – which you’ll have to pay for! This contrasts with local area networks (LANs), which typically sit within a small geographic area (such as a building) where you probably own and manage all of the equipment.
WANs are typically used to connect geographically separate LANs to a larger corporate network. At its simplest, a WAN allows routing between the routers which sit at the edge of separate LANs – thus allowing the different offices of an organisation to transfer data between themselves. The router at the edge of the LAN is called customer premises equipment or customer provided equipment (CPE).
With a leased line wide area network, the company looking to connect their remote offices will engage a telecommunications service provider (telco) to provide the link. At the edge of each LAN, a router will connect to the telco’s infrastructure through a provider edge (PE) router.
A WAN link may also be referred to as a serial link or a circuit.
The company using the WAN link doesn’t need to worry about the details of the underlying layers of the service provided by the telco. They can think of it as a set of ‘point to point’ links between the CPEs at the edge of each network. The routers will know which link to send traffic down based on the destination IP address of each packet.
There are a number of link layer technologies which may be used between the company’s routers. These include High-Level Data Link Control (HDLC), Point to Point Protocol (PPP) and Ethernet over MPLS.
Whilst consumers use DSL (digital subscriber line) or cable technologies to connect to the Internet, larger enterprises may use a WAN link to connect to their ISP (Internet service provider).
Routers at the edge of the enterprise network will have a route configured which forwards packets for the Internet on to their ISP.
Often enterprises will want to make services accessible over the Internet - for example an email server so that employees can access email from home or on their mobile. This can be made possible with a special segregated network which has additional security controls to prevent Internet access directly into the main enterprise network. This is called a demilitarized zone (DMZ).
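As an added example (not part of the original article), the Python sketch below audits a firewall allow-list for rules that break the DMZ principle described above, by flagging any rule that lets a source outside the enterprise reach the main network directly. The address ranges, rule names and ports are constructed for illustration and are assumptions, not values from the article.

```python
import ipaddress as ip

# Constructed address plan (assumption, not from the article).
INTERNAL = ip.ip_network("10.0.0.0/16")   # main enterprise network
DMZ = ip.ip_network("192.0.2.0/28")       # segregated DMZ segment

# Constructed allow rules: (name, source, destination, port).
RULES = [
    ("inet-to-mail", "0.0.0.0/0", "192.0.2.10/32", 25),            # Internet -> DMZ
    ("dmz-mail-to-store", "192.0.2.10/32", "10.0.5.20/32", 993),   # DMZ -> internal
    ("inet-to-rdp", "0.0.0.0/0", "10.0.7.0/24", 3389),             # Internet -> internal
    ("partner-to-db", "198.51.100.0/24", "10.0.0.0/16", 5432),     # external -> internal
    ("lan-to-dmz", "10.0.0.0/16", "192.0.2.0/28", 443),            # internal -> DMZ
]


def is_external(src):
    """True if the source range covers any address outside the enterprise ranges."""
    return not (src.subnet_of(INTERNAL) or src.subnet_of(DMZ))


def audit(rules):
    """Return names of allow rules that let external sources reach INTERNAL directly."""
    findings = []
    for name, src, dst, _port in rules:
        src_net = ip.ip_network(src)
        dst_net = ip.ip_network(dst)
        # A rule bypasses the DMZ when an external source is allowed to reach
        # any part of the main enterprise network.
        if is_external(src_net) and dst_net.overlaps(INTERNAL):
            findings.append(name)
    return findings


if __name__ == "__main__":
    for rule_name in audit(RULES):
        print("bypasses DMZ:", rule_name)
```

A source range wider than the internal network (for example `10.0.0.0/8`) is treated as external, because it includes addresses the enterprise does not control.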
The Internet is simply a series of interconnected LANs and WANs belonging to different telecommunications providers. The routers which sit on the borders of these networks have routes between each other, which enable one service provider’s customers to access a web server connected to another. All of this is made possible by TCP/IP.