Mental model
A WAN is anything that connects sites farther apart than you can run your own cable. You rent from a carrier — and the rental terms shape everything else: bandwidth, SLA, predictability, cost, security.
Every WAN choice trades off three things:
- Bandwidth + symmetry — how many Mbps each way, and is upload as fast as download?
- SLA + jitter — guaranteed latency / packet loss / uptime, or best-effort?
- Cost per Mbps — leased lines bill by dedicated capacity; broadband bills by tier; LTE bills by data usage.
CCNA blueprint covers the major categories at a recognition level — you should know which is which and when each fits.
The six categories
1. Dedicated leased lines (T1 / E1 / SONET / DS3)
The old guard. Point-to-point copper or fiber from carrier between two of your sites. Dedicated bandwidth, end-to-end SLA.
| Type | Bandwidth | Region |
|---|---|---|
| T1 | 1.544 Mbps | N. America |
| E1 | 2.048 Mbps | Europe / RoW |
| T3 / DS3 | 44.736 Mbps | N. America |
| OC-3 | 155 Mbps | SONET |
| OC-12 | 622 Mbps | SONET |
| OC-48 | 2.5 Gbps | SONET |
- Pros: Hard SLA, predictable latency, fully private.
- Cons: Expensive, fixed bandwidth, slow to provision (weeks).
- 2026 reality: Mostly being retired in favor of Metro Ethernet. You’ll still find T1/E1 at small branches, remote sites, and in legacy industries.
2. Metro Ethernet (MetroE)
Ethernet handoff from a carrier. Looks like a regular RJ45/SFP port, but the other end is hundreds of km away.
Three flavors (MEF specifications):
| Service | What it provides |
|---|---|
| E-Line | Point-to-point. Like a wire between two sites. |
| E-LAN | Multipoint-to-multipoint. Like a bridged LAN across cities. |
| E-Tree | Hub-and-spoke (root + leaves). |
- Pros: Easy — your edge switch just plugs in. SLA from carrier. Faster to provision than T1.
- Cons: More expensive than broadband, requires single carrier across your footprint.
- 2026 reality: Default WAN choice for mid-sized enterprises that want SLA but don’t want MPLS complexity.
3. MPLS L3VPN
Covered fully in MPLS Basics. The carrier runs MPLS internally; you peer with their PE routers from each of your sites. Carrier provides VRF-isolated routing across all your sites.
- Pros: Multi-site any-to-any without you running BGP. SLA. QoS. Mature.
- Cons: Expensive ($/Mbps), single-carrier lock-in, slow to add new sites.
- 2026 reality: Still common in large enterprises, but losing share to SD-WAN-over-broadband.
4. Broadband (Cable / DSL / FTTH)
Consumer-style internet. You buy a connection like a residential user, but you’re sharing infrastructure with neighbors.
| Type | Typical speeds | How it works |
|---|---|---|
| Cable (DOCSIS) | 100 Mbps – 2 Gbps down / 20-200 Mbps up | Coax shared in neighborhood |
| DSL (ADSL / VDSL) | 5-100 Mbps / 1-20 Mbps | Copper telephone pair |
| FTTH (fiber to home) | 100 Mbps – 10 Gbps symmetric | Fiber to your premises |
- Pros: Cheap, fast to install, often symmetric (fiber) at high speeds.
- Cons: Best-effort — no SLA. Asymmetric on cable/DSL (download fast, upload slow). Shared bandwidth.
- 2026 reality: The hidden backbone of SD-WAN deployments. Two cable modems + LTE backup = cheaper and faster than one MPLS at most branches.
5. Wireless WAN (LTE / 5G / fixed wireless)
Carrier cellular as the transport.
| Type | Typical speeds | Latency |
|---|---|---|
| LTE / 4G | 20-150 Mbps down / 10-50 Mbps up | 40-80 ms |
| 5G (sub-6) | 100 Mbps – 1 Gbps | 20-40 ms |
| 5G (mmWave) | 1-3 Gbps | 5-20 ms |
| Fixed Wireless | 50 Mbps – 1 Gbps | 20-40 ms |
- Pros: No cabling. Fast to deploy (just bring up a SIM). Geographic flexibility.
- Cons: Data caps. Coverage variability. Often expensive per GB.
- 2026 reality: Used as backup links, pop-up sites, temporary deployments, vehicle fleets, and where wired isn’t feasible.
6. Satellite
The last-resort tier — Starlink (LEO), Viasat / HughesNet (GEO).
| Type | Typical speeds | Latency |
|---|---|---|
| LEO (Starlink) | 100-300 Mbps | 30-60 ms |
| GEO | 25-100 Mbps | 600+ ms |
- Pros: Works literally anywhere.
- Cons: GEO latency is brutal. LEO (Starlink) much better but still subject to weather and limited capacity.
- 2026 reality: Maritime, offshore oil/gas, polar research, disaster recovery — anywhere wired isn’t an option.
PPP and PPPoE — link-layer for some of these
Several WAN technologies use PPP (Point-to-Point Protocol) at Layer 2:
- Leased lines (T1/E1) commonly use PPP or HDLC.
- DSL uses PPPoE (PPP over Ethernet) — wraps PPP inside Ethernet so the DSL modem can authenticate to the ISP.
A typical PPPoE setup on Cisco IOS:
R1(config)# interface Dialer0
R1(config-if)# encapsulation ppp
R1(config-if)# ip address negotiated
R1(config-if)# dialer pool 1
R1(config-if)# ppp authentication chap callin
R1(config-if)# ppp chap hostname acme123@isp.com
R1(config-if)# ppp chap password 7 SecretPwd
R1(config)# interface Gi0/1
R1(config-if)# pppoe-client dial-pool-number 1
For CCNA, you should recognize the PPPoE concept and the basic config — full PPP tuning is beyond CCNA scope.
SD-WAN — making the choice flexible
If you read SD-WAN Concepts, you’ll recognize the pattern: instead of picking one WAN type, you pick several and let SD-WAN do app-aware path selection.
Common 2026 branch pattern:
- One MPLS (for SLA-bound voice/video)
- One broadband (cheap bulk, SaaS direct break-out)
- One LTE (backup, never-down)
SD-WAN treats all three as fungible transports for the overlay tunnels. Voice goes over MPLS. SaaS goes direct over broadband. If MPLS dies, voice falls over to broadband (with QoS degradation but no outage). If broadband dies too, everything fails over to LTE.
This is the why of modern SD-WAN — diverse WAN transports become a feature, not a complication.
Quick comparison
| Type | Bandwidth range | SLA | Cost/Mbps | Provisioning time | Use case |
|---|---|---|---|---|---|
| Leased line | 1.5 Mbps – 2.5 Gbps | Yes | Highest | Weeks | Legacy, regulated, small branches |
| Metro Ethernet | 10 Mbps – 100 Gbps | Yes | High | Days-weeks | Default enterprise mid-tier |
| MPLS L3VPN | 1 Mbps – 100 Gbps+ | Yes | High | Weeks | Large enterprise multi-site |
| Broadband | 5 Mbps – 10 Gbps | No (best effort) | Low | Days | SD-WAN underlay, SaaS direct |
| Wireless (LTE/5G) | 10 Mbps – 1 Gbps | Limited | Medium | Hours | Backup, pop-up, mobility |
| Satellite (LEO) | 50-300 Mbps | Limited | Medium-high | Days | Remote / maritime |
Selecting a WAN — questions to ask
- How much bandwidth do I need? Real measurement, not vendor wishful thinking.
- What apps run on this link? Latency-sensitive (voice, real-time trading) needs an SLA-backed link.
- What’s my tolerance for downtime? Need 99.99%? Get two transports from two different carriers.
- What’s the budget? MPLS is 5-15× more expensive per Mbps than broadband.
- How fast must I deploy? New site opening in 2 weeks → broadband + LTE backup, not MPLS.
- Will I use SD-WAN? If yes, pick diverse cheaper transports. If no, pick one premium link.
Common mistakes
-
Single transport, no backup. One link, no failover. Eventually it goes down for hours. Always have a second path — even if it’s an LTE modem.
-
Assuming broadband upload = broadband download. Cable / DSL are asymmetric. A “1 Gbps cable” might only upload at 30 Mbps. Matters a lot for backups, video calls, cloud uploads.
-
Buying “MPLS” thinking it’s encrypted. It’s not. MPLS provides traffic separation, not confidentiality. If you need encryption, layer IPsec on top.
-
Ignoring jitter when picking broadband for voice. Bandwidth might be fine, but if your cable modem occasionally has 50ms jitter spikes, voice quality tanks. Test before deploying.
-
Putting LTE on a billable data plan with no monitoring. A misbehaving WAN backup chewing through 50 GB/day will produce surprise bills. Configure SD-WAN to use LTE only on failover.
-
Single carrier across all sites. That carrier has one regional outage and every site is down at once. Diversify.
-
Forgetting cabling at the new site. Telco hands you a 100 Mbps Metro-E. Your IDF doesn’t have a fiber patch. Bring a real installer to survey.
Lab to try tonight
This is a hard topic to lab directly — most folks don’t have leased lines in their garage. But you can:
- Look up your own internet connection in
tracerouteand note the first 3-4 hops — that’s your ISP’s edge network. - Compare
mtrresults between cable, LTE-tethered phone, and Wi-Fi. Note jitter differences. - In GNS3/CML, build a PPPoE client/server pair — practice the config until it’s muscle memory.
- Configure two routers as if they were a small enterprise + branch: one router speaks PPP/HDLC to the other. Bring up the link, watch CHAP authentication.
- Use a public looking glass (e.g.,
lg.he.net) to traceroute between cities — see real-world carrier paths. - Compare cost per Mbps of your home internet vs a public quote for MPLS in your area — eye-opening.
Cheat strip
| Type | One-line characterization |
|---|---|
| Leased line (T1/E1/SONET) | Dedicated copper/fiber, fixed bandwidth, SLA. Legacy default. |
| Metro Ethernet | Carrier hands you Ethernet across cities. E-Line / E-LAN / E-Tree |
| MPLS L3VPN | Carrier-managed VRF mesh. SLA + any-to-any. |
| Broadband | Cable / DSL / FTTH. Cheap, no SLA. SD-WAN’s favorite. |
| Wireless (LTE/5G) | No cabling. Backup or pop-up. Watch data caps. |
| Satellite (LEO/GEO) | Anywhere on Earth. LEO finally usable; GEO has 600ms latency. |
| PPP / PPPoE | Layer 2 framing for leased lines and DSL respectively |
| SD-WAN’s value | Combine multiple cheap transports into one resilient logical WAN |
| CCNA depth | Recognize each, know SLA vs best-effort, know when each fits |