Thursday, 3 May 2550 BE

What is WDS?

WDS is a collection of Cisco IOS Software features that enhance WLAN client mobility and simplify WLAN deployment and management. A WDS device can be a Cisco Aironet Series access point, a Cisco router, or a Cisco Catalyst switch.

All access points in a subnet are detected and securely registered, via IEEE 802.1X, with the WDS. The WDS aggregates client and access point RF (radio frequency) measurements for RF-managed services such as rogue access point detection, interference detection, and assisted site surveys. The currently supported WDS feature set includes fast secure roaming, radio management aggregation, and client tracking. Before any other WDS-based feature can operate, relationships must be established between the APs that participate in WDS and the device that is configured as the WDS. One of the main purposes of WDS is to cache the user credentials as soon as the authentication server authenticates the client for the first time. On subsequent attempts, WDS authenticates the client on the basis of the cached information.

The WDS device advertises its WDS capability and participates in an election of the best WDS device for the WLAN. Set up one device as the main WDS candidate and one or more additional devices as backup WDS candidates. If the main WDS device goes offline, one of the backup WDS devices takes the place of the main device. The WDS device authenticates all APs in the subnetwork and establishes a secure communication channel with each of the APs. It collects radio data from APs in the subnetwork, aggregates the data, and forwards the data to the Wireless LAN Solution Engine (WLSE) device on the network. It registers all client devices in the subnetwork, establishes session keys for the client devices, and caches the client security credentials. When a client roams to another AP, the WDS device forwards the client security credentials to the new AP. A single WDS AP can support a maximum of 60 infrastructure APs.

The WDS and the infrastructure APs communicate over a multicast protocol called the Wireless LAN Context Control Protocol (WLCCP). These multicast messages cannot be routed. Therefore, a WDS and the associated infrastructure APs must be in the same IP subnetwork and on the same LAN segment. Between the WDS and the Wireless LAN Solution Engine (WLSE), WLCCP uses Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) on port 2887. When the WDS and WLSE are on different subnetworks, packet translation with a protocol like Network Address Translation (NAT) cannot occur.
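The placement rules described above (WDS and APs in one IP subnetwork, at most 60 infrastructure APs per WDS AP, TCP and UDP port 2887 between WDS and WLSE with no NAT when they sit on different subnetworks) can be checked against an address plan before rollout. The following Python is an added example, not Cisco code; the function name `check_wds_plan` and every address in it are constructed for illustration.

```python
import ipaddress

MAX_INFRA_APS = 60        # limit for a single WDS AP, as stated on this page
WLCCP_WLSE_PORT = 2887    # TCP and UDP between WDS and WLSE, as stated on this page


def check_wds_plan(wds_cidr, ap_ips, wlse_ip, nat_on_path=False):
    """Validate a planned WDS deployment (hypothetical helper).

    wds_cidr     WDS address with prefix length, e.g. "192.0.2.10/24"
    ap_ips       addresses of the infrastructure APs
    wlse_ip      address of the WLSE
    nat_on_path  True if any device between WDS and WLSE translates addresses
    Returns (findings, flows): problems found, and the WDS<->WLSE flows that
    firewalls between the two must permit.
    """
    wds = ipaddress.ip_interface(wds_cidr)
    wlse = ipaddress.ip_address(wlse_ip)
    findings = []

    # WLCCP multicast between WDS and APs is not routed, so every AP must
    # share the WDS subnet. (Same-LAN-segment cannot be verified from
    # addresses alone and still needs a layer-2 check.)
    for ap in ap_ips:
        if ipaddress.ip_address(ap) not in wds.network:
            findings.append(f"AP {ap} is outside WDS subnet {wds.network}")

    if len(ap_ips) > MAX_INFRA_APS:
        findings.append(
            f"{len(ap_ips)} APs exceed the {MAX_INFRA_APS}-AP limit of one WDS AP")

    # NAT must not sit between a WDS and a WLSE on different subnetworks.
    if wlse not in wds.network and nat_on_path:
        findings.append(f"NAT between WDS {wds.ip} and WLSE {wlse}")

    flows = [(str(wds.ip), str(wlse), proto, WLCCP_WLSE_PORT)
             for proto in ("tcp", "udp")]
    return findings, flows


if __name__ == "__main__":
    # Constructed sample plan using documentation address ranges.
    sample_aps = ["192.0.2.11", "192.0.2.12", "198.51.100.20"]
    problems, flows = check_wds_plan("192.0.2.10/24", sample_aps,
                                     "203.0.113.5", nat_on_path=True)
    for p in problems:
        print("FINDING:", p)
    for f in flows:
        print("PERMIT :", f)
```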

A WDS-enabled AP also acts as an aggregator for radio frequency (RF) statistics from the other APs. The WDS-enabled AP passes these statistics along to the Wireless LAN Solution Engine (WLSE) in order to highlight rogue APs. RF monitoring allows the WLSE to create a map of wireless coverage. The WLSE also uses current APs in order to carry out site surveys and identify areas with no coverage. There is no limit to the number of WDS backup candidates. The backup candidates still function as APs that report to the WDS master. In addition, only the primary WDS AP establishes WLSE security keys and registers with the WLSE in order to interact with the WLSE. Only if the primary WDS fails does the backup WDS take up the role of an active WDS AP and go on to register with the WLSE and establish security keys. As long as the primary WDS is active, the primary WDS functions as a normal AP that reports to the WDS master.
