WEST NETWORKS  •  THE INFRASTRUCTURE EXPERTS

Networking 101 — from the wire to SD-WAN

You cannot bond what you do not understand. These are the vendor-neutral essentials that have always run the internet — each closed with how it changes once a site’s connection is many links behaving as one.

How the internet works · OSI & TCP/IP

Data is wrapped in layers — application, transport (TCP/UDP), network (IP), link — and passed hop to hop by routers reading destination addresses. In an SD-WAN world: those hops can leave over several links at once, so the first hop stops being a single point of failure.

IP addressing & subnetting (v4 and v6)

Addresses identify hosts; subnet masks split them into networks. A clean convention makes a network self-documenting — e.g. make the third octet match the VLAN ID, so VLAN 20 is 10.0.20.0/24. IPv6 removes the scarcity that forced NAT. In an SD-WAN world: clean subnet design keeps sites from colliding when you bond and route between them.

NAT — and why sessions break on multi-WAN

NAT lets many private hosts share one public address; it is everywhere and it breaks things (VoIP, VPN, P2P that embed their own address). In an SD-WAN world: each WAN has its own public IP, so a non-tunneled session that moves links changes IP and dies. The fix is persistence (pin the session to one WAN) — or put it on the SpeedFusion tunnel, which gives it one stable virtual IP that roams across links freely.

DHCP & DNS — the top 3 DNS tickets

DHCP hands devices their address; DNS turns names into addresses. “It’s always DNS” is a joke for a reason. The three you will see: (1) wrong/unreachable DNS server — ping-by-IP works, names fail; (2) stale cache — site moved, cache didn’t, flush and wait out the TTL; (3) split-horizon — an internal name resolves to a public IP. Fast test: ping a public IP by number, then nslookup a name against 8.8.8.8 — if the number works and the name fails, it’s DNS.

Layer-2 switching & MAC learning

Switches forward frames by MAC address, learning which device lives on which port. Most “weird” local problems are Layer 2 (duplicate MAC, full table, a loop). In an SD-WAN world: a Layer-2 SpeedFusion tunnel can extend one LAN across the wide area — the foundation of the roaming, infrastructure-less wireless West Networks builds for large mobile sites.

VLANs & subnets — one design (worked example)

A VLAN is a Layer-2 broadcast domain; a subnet is a Layer-3 range; in a good design they map one-to-one, tied together by a Layer-3 device. Park the native VLAN off VLAN 1 (to blunt double-tagging attacks) and prune trunks to only the VLANs that need them. A worked example for a mid-size clinic:

Purpose            VLAN   Subnet
Management         10     10.0.10.0/24
Staff              20     10.0.20.0/24
Clinical / EHR     30     10.0.30.0/24
Medical imaging    40     10.0.40.0/23
VoIP               50     10.0.50.0/24
Cameras / IoT      60     10.0.60.0/24 (no internet)
Guest Wi-Fi        70     10.0.70.0/24 (isolated)

In an SD-WAN world: the Peplink edge can BE the Layer-3 device — holding each VLAN’s gateway, routing between them, and applying firewall policy — which retires a separate, expensive core switch.
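An added example, not from West Networks or Peplink: a small audit of the clinic plan above against this page's own rules (one VLAN per subnet, third octet matches the VLAN ID, no overlaps, native VLAN off VLAN 1), plus a check for subnet collisions between two sites that will be routed together. The names audit_plan and site_collisions and the BRANCH site are assumptions made up for illustration.

```python
import ipaddress
from itertools import combinations

# Clinic plan from the table above: (purpose, VLAN ID, subnet).
CLINIC = [
    ("Management", 10, "10.0.10.0/24"),
    ("Staff", 20, "10.0.20.0/24"),
    ("Clinical / EHR", 30, "10.0.30.0/24"),
    ("Medical imaging", 40, "10.0.40.0/23"),
    ("VoIP", 50, "10.0.50.0/24"),
    ("Cameras / IoT", 60, "10.0.60.0/24"),
    ("Guest Wi-Fi", 70, "10.0.70.0/24"),
]
# Constructed second site (not from the page) to show a cross-site collision.
BRANCH = [("Staff", 20, "10.1.20.0/24"), ("Imaging overflow", 41, "10.0.41.0/24")]

def audit_plan(plan, native_vlan=None):
    """Return a list of findings; an empty list means the plan is clean."""
    findings, nets, seen = [], [], set()
    for purpose, vlan, cidr in plan:
        try:
            net = ipaddress.ip_network(cidr, strict=True)  # rejects host bits set
        except ValueError as exc:
            findings.append(f"{purpose}: invalid subnet {cidr} ({exc})")
            continue
        if vlan in seen:
            findings.append(f"{purpose}: VLAN {vlan} reused, mapping is not one-to-one")
        seen.add(vlan)
        # Page convention: third octet of an IPv4 subnet equals the VLAN ID.
        if net.version == 4 and net.network_address.packed[2] != vlan:
            findings.append(f"{purpose}: third octet of {net} does not match VLAN {vlan}")
        nets.append((purpose, net))
    # A /23 spans two third-octet values, so compare every pair for overlap.
    for (pa, a), (pb, b) in combinations(nets, 2):
        if a.version == b.version and a.overlaps(b):
            findings.append(f"{pa} {a} overlaps {pb} {b}")
    if native_vlan == 1:
        findings.append("native VLAN is 1; park it on another VLAN (double-tagging exposure)")
    return findings

def site_collisions(site_a, site_b):
    """Pairs of (purpose_a, purpose_b) whose subnets overlap between two sites."""
    return [(pa, pb) for pa, _, ca in site_a for pb, _, cb in site_b
            if ipaddress.ip_network(ca).overlaps(ipaddress.ip_network(cb))]

if __name__ == "__main__":
    for finding in audit_plan(CLINIC + [("Lab", 41, "10.0.41.0/24")], native_vlan=1):
        print(finding)
    print(site_collisions(CLINIC, BRANCH))
```

The clinic plan itself passes cleanly; the findings come from the constructed VLAN 41 entry, which follows the third-octet convention yet lands inside the imaging /23.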

Spanning tree & loops (RSTP)

STP stops Layer-2 loops, which have no TTL and melt a network in seconds. Run RSTP (converges in seconds) and set the root bridge deliberately — the most central switch, not whichever has the oldest MAC. A broadcast storm looks like every port light blinking in unison and the network dead in seconds; suspect a loop and the cable someone just double-plugged.
