1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Regarding MAC Addresses in WDS

Discussion in 'Tomato Firmware' started by Kiwi8, Jun 4, 2008.

  1. Kiwi8

    Kiwi8 LI Guru Member

    As u all may know, in WDS, we input the MAC Address of the wireless interfaces of the other routers that are to be involved in WDS communication with the current router.

    My question is, if a rogue router (not part of the network but owned by a stranger) changes its wireless interface's MAC Address to that of one of the routers in the network, what will happen?

    What will happen if there is no encryption?
    What will happen if there is encryption?

    Thanks for reading.
  2. njeske

    njeske Network Guru Member

    if the MAC is changed, then i would guess they could connect if they had the correct encryption key. if you're unsecured... then i think you'd end up with a rogue on your network.
  3. Kiwi8

    Kiwi8 LI Guru Member

    So supposing there are two routers with the same wireless MAC address participating in the WDS network but only 1 has the correct WPA key, the other rogue router will not be able to connect. Will it then disrupt the normal operation of the encrypted WDS network?

    What is the situation for the unsecured WDS network? I reckon in this second case, it would disrupt the normal operation of the unencrypted WDS network.
  4. HennieM

    HennieM Network Guru Member

    Two (authenticated) nodes with the same MACs would sure disrupt your network. It may even grind your whole network - not only the linked segment - to a halt. It's the same as when you have 2 PCs with same MACs on a network - lots of retransmits so your net becomes so congested that it just about does not work.

    A WPA secured WDS net is as secure as a WPA secured client-to-AP link. The rogue/intruder node would have to do the handshaking, etc. before it can communicate on the network.
    It would think however, that if the rogue node tries to get onto the WDS net before- and while the real node tries to get on, it might keep the real node from connecting at all.
  5. njeske

    njeske Network Guru Member

    i'm not sure what effect a rogue AP with a MAC address matching one of your legit APs might have. i wouldn't be surprised if it caused some issues without even having to properly authenticate. i'm positive it would cause a lot of issues if it did manage to properly authenticate.

Share This Page