1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Particular differences between WDS and WEB

Discussion in 'Tomato Firmware' started by Mercjoe, Nov 6, 2011.

  1. Mercjoe

    Mercjoe Network Guru Member

    After doing further experiments, I have found the following.

    MAC address's are NOT passed over a Wireless Ethernet Bridge. Access restrictions will not work on a machine that is on the remote side of the network unless they are IP based.

    Switching over to a WDS and you can once again use MAC address's for access control.

    This problem would cause the issues that jsmiddleton4 and I were discussing in this thread:
    Without MAC's, you can not ARP bind an address.

    When I go to WDS, the MAC address's are passed by the firmware again.

    It also effects things like the network map in any windows platform that can display it. In a WEB, the computers on the remote router are unable to be placed on the network map. When you switch over to a WDS, the map then populates showing switches, computers, and links.

    In speed tests. the WEB is about 20% faster than a WDS, but the WDS is more network friendly, coherent, and IMHO secure.
  2. szfong

    szfong Network Guru Member

    WDS speeds will be cut in half or more if signal is repeated. Wireless Ethernet Bridges usually never repeats signal. To regain your signal under WDS, you MUST start entering MAC addresses in the WDS restriction/allowed table of BOTH the WDS+AP & WDS routers so as to prevent ANY unwanted device from attaching to the WDS and causing spectrum usage or interference. You will notice speeds are about the same for wired attached devices that are connected on back of WDS router as it was for wireless Ethernet Bridge.
  3. Mercjoe

    Mercjoe Network Guru Member

    That the bandwidth gets cut in half for EACH link in the WDS is a given. By the way, you don't HAVE to enter a MAC address in the 'link to' field to establish a WDS link. If you set it to automatic on each end, the WDS will be established based on having an identical SSID name and wireless channel. Setting it to link only to a specfic MAC in a WDS is also a false sense of security. I can easily change the MAC address of a wireless router. Thus the only thing protecting you is the strength of your passphrase.

    Anyway.. back to the speed issue...

    Since I only have ONE link, the speed should be only no different than that of a WEB in the configuration that I tested it in. That was with both routers wireless set as WDS, or the remote set to WEB with the main router set to AP . I did not include WDS + AP on the main router in the testing pararmeters. I was testing apples to apples. Once you set one router to WDS + AP the speed on the link did diminish some but not too badly to be honest. It was only about a 20% drop in speed and not the expected 50% that I was thinking was going to happen.

    As for the speeds for the wired connections on the remote router I found the WEB connections on the VLAN builds to be consistantly faster on transfer tests of a 200 meg file. The WDS connection was snappy, but not as fast again by about 20%.

    In each of my tests, after i had flashed the routers and established basic connectivity, I configured the remote router first over the wireless link and then re-configured the main router to re-establish the link. By doing it this way I could test WEB and WDS on each set of firmware combinations.

    As soon as the services restarted on the VLAN builds the link was active and usable. On the non-VLAN builds or a mix of VLAN/non-VLAN builds it could take up to a minute for the routers to hash things out and establish the network link. Another interesting piece of data. It just shows that Teaman REALLY did something right in that mod.

    I had stated earlier in a previous post how WEB could be a viable network extender. With the limitation of not passing MAC address's along, my enthusiasm has waned somewhat. MAC addressing is needed for ARP binding of static IP's. Plus the network is just more 'cohesive' in WDS mode as seen by network tools that Windows has.

    One additional thing I found interesting about the WEB mode. If you set the main router channel to auto, the remote router will change channels to stay connected. I was able to induce a 'interference' issue and the main router would promply change to a clearer channel taking the remote router with it. WDS is limited in that you have to define a static channel and stay there.

    Ahh.. the pro's and con's
    teaman likes this.
  4. lightsword

    lightsword Serious Server Member

    Kind of bumping an old post but this arp binding "feature" that all these newer tomato builds seem to have is killing off all my internet connections and I can't find a way to disable it at all. I just want this so called "feature" to die so that I can go back to using all the capabilities that all the older firmwares had such as Wireless Ethernet Bridging. For trusted well managed private networks this feature is about as useless and annoying as possible.
  5. Marcel Tunks

    Marcel Tunks Networkin' Nut Member

    Is there a question buried in there or did you just need to vent?

    You don't need ARP binding for either WDS or WET bridge. You don't need ARP binding for static ip addresses handed out via DHCP. You shouldn't need ARP binding if you have control over all the devices on the network, unless you're using it to learn how it works.
  6. lightsword

    lightsword Serious Server Member

    I was actually trying to disable it outright it was causing problems, but I finally managed to get my bridges to connect. It was causing a lot of weirdness for wireless Ethernet bridges.
  7. Marcel Tunks

    Marcel Tunks Networkin' Nut Member

    Understood. Did unchecking the option in the GUI not work?

Share This Page