Hi there

I've set up a WDS network using WPA encryption. The devices are ranging from WRT54G 1.1 up to 2.2 and WRT54GLs. When this network was running WEP encryption it was working flawlessly. I could reboot whichever router and the whole network would then be rebuilt the way I intended it to be set up. When doing WPA encryption, however, this has all changed:

If I try to reboot one of the "leaf" APs, the link between it and the "hub" AP won't get reestablished. To get it reestablished I have to reboot the hub AP as well, which can be quite the hassle. Sometimes it's not enough just to do one reboot, I may have to do several before the link is reestablished.

The network is set up as follows:

Wired network ---- AP #1 (hub AP) |---- AP #2
                                                   |---- AP #3
                                                   |---- AP #4

All APs are set up pretty much identical, using WhiteRussian 0.9, apart from wl0_wds and different setting for transmit power. lan_proto is set to dhcpclient, so the br0 interface should get its IP from DHCP.

I see both stations when doing wl scan, so the radios are seemingly working.

Can someone please shed some light on the whole WDS with WPA encryption thing, because it's certainly not working for me.

(Last edited by mflage on 24 Jul 2007, 16:34)

Well, I don't know much about WDS but one thing I noticed about your post was you mentioned differing transmit powers.  From what I've read changing the transmit power will not do much for your leaf AP's, as the connection is only changing on one side.  The leaf AP's need stronger antennas to benefit from the increased transmit power.

If I was trying to complete something like this, I would worry mainly about the hub and one leaf until you can get them to network flawlessly.  Then work the other two out.  Perhaps on your leaf disabling or commenting out dhcp in the dnsmasq.conf would fix your problem?

So what you're saying is you are able to network a hub and leaf together, it just takes a while for them to connect? Perhaps turning the transmit power down to standard would fix this?

Perhaps setting the leafs as a static IP would help, as well.  Sorry I'm not too much help but thought I'd throw out some ideas.  You never know...

I'm using different antennas on each side.

At the hub node I have a 7 dBi omni, and on the other sites I'm using 12 dBi yagis - thus setting a lower transmit power on them. I may be wrong about this, but I don't think this should influence anything..?

What I've figured out so far is that when introducing new APs to the WDS network, I have to reboot the hub node to get all nodes back online again. So it may seem like there's some issues with this node. I will try to replace it tomorrow and see what happens. Will update this post after I've done this test.

Hi,

I can confirm this issue. I have 3 WRT54GL, 2 of them connect to main unit, the "hub". I use WPA. If a "leaf" WRT is rebooted the WDS connection is not re-established. Rebooting the "hub" does the trick, sometimes I also have to reboot the other "leaf" device.

Finally!

I thought I was alone reporting this, after repeatingly inquiring about this issue without getting some response. I even reported a ticket at https://dev.openwrt.org/ticket/1788 , but it doesn't look like anyone has grabbed hold of it.

Have you tried Kamikaze as well?

(Last edited by mflage on 16 Aug 2007, 08:28)

i have the same problem with 4 wds, A short look into it shows it appears that with wpa, the key changes(wpa uses a rolling code) after rekey time and then if any 1 of units is reset, it cannot connect.

So this means, in practice, that all participating nodes need to connect before the rekeying interval to get on board the "WPA rollover key changing-train"? Is this the way it's supposed to be? I mean, wireless clients can connect whenever they want to, how and why is this setup different?

To sum this up (and ultimately to bump this thread): WPA is not working satisfactory with WDS? Does anyone know of some sort of alternative or fix for this issue? Is this problem solved with Kamikaze?

Since WR is no longer being supported (or updated except for serious issues), you may have better luck with kamikaze.  I've had nothing but good experiences with WR but that doesn't mean the occasional bug won't pop up.  Submit a dev ticket and hopefully they will point you in the right direction.