WDS at its core -
As we mentioned in our introduction to WDS, this is a system that allows you to bridge a series of wireless devices without the need to use Ethernet cables. This is not a new creation, though; it was first introduced around 2005-2006 as an alternative to the standard repeater modes. But it has been slow in adoption due to a lack of standardization. As it stands right now, WDS is not certified by the WiFi Alliance, so each vendor has their own method of implementation. However, despite the standardization, there are portions of WDS that are consistent across vendors. These are the basics of the WDS system and this is what we will look at now.
Once setup (we will talk about setup in more detail later), you have something resembling a mesh network. This means that each leg in the WDS system is capable of talking to all other legs in the group. As you can see from the diagram below, the more Access Points in the system, the more links you have between them.
Taking a Step Down (in the OSI Model) -
One of the reasons that WDS works well is the requirement to use the MAC (Media Access Control) to establish the links in the WDS group. This brings the connectivity down to the Datalink layer of the OSI model, which is one layer below traditional IP based connectivity (IP based communication is layer 3). It is not all the way down to the physical layer where the traditional Ethernet cable is, but it is close. As the Datalink Layer is only layer 2 (the network layer is layer 3), we are getting closer and making the connection a little more robust.
WDS and Security -
Now, with all the data you have flowing around the air, you want to make sure that you can keep prying eyes form it. Until recently this was a big problem with WDS as most implementations only supported WEP (Wireless Encryption Protocol). You might not think this is problem, but it really is.
With current tools, even a less than average "hacker" can break into a WEP Protected network in about 20 minutes. This time drops down significantly as the traffic increases (the more packets that can be grabbed, the quicker the WEP key can be figured out) and if you can throw a GPGPU into the mix it gets even faster.
In fact, this is still a problem with many mixed vendor setups (and some mixed device setups), but for the most part, if you buy products from the same vendor and in the same line, you can now implement WPA and WPA 2 protection as long as you use pre-shared keys.