I have a TP-Link Archer C2600 dual-band router set up in the first floor of my house that provides poor signal strength at the opposite 2nd story corner of my house.
In order to extend my wireless range and also connect upstairs devices in a wired configuration I bought a TP-Link Archer C5 dual-band router and successfully setup a WDS backhaul over the 2.4GHz band as instructed by this TP-Link article. See figure below
What I found interesting is that TP-Link instructs to configure WDS only on the extended/repeater router (C5 in my scenario) and to leave the root router (C2600) as-is. TP-Link calls this Active WDS for the Repeater and Passive WDS for the root router.
However, this article from Netgear requires configuration changes on both the root & repeater router such that both routers know each other's MAC address. Using TP-Link's terminology, this would be dual Active WDS
Is the difference between TP-Link's Passive/Active setup and Netgear's Active/Active setup merely a difference in configuration with the same end result, or is one setup superior than the other and if so, how?
Best Answer
When configured for active WDS, all transmissions made to the other endpoint are done in 4-address mode. A side configured for active WDS can make the first transmission or it can wait for the other side to contact it first.
When passive WDS mode is used, the device cannot make the initial contact. But when the other side contacts it, if the other side uses 4-address mode, the side set to passive does too.
Obviously, active WDS must be used on at least one side, and that side must make the initial contact. Active WDS must be set up for a specific link to a specific device on the other end. Passive WDS is just an on/off switch for the access point and doesn't require any specific configuration for each link.
To use passive WDS, you have to allow any device that can connect to the AP to use 4-address mode. In some cases, this might be a security issue. Most home wireless networks don't implement any security model beyond just encryption and accept that anyone who knows the key can hijack any and all traffic, so this isn't really an issue.
A properly configured and established WDS link will ultimately be exactly the same, 4-address mode used in both directions, regardless of how it's established.
Setting active on both sides is more secure. Leaving the "main" AP passive and just setting active on the additional APs is easier to configure and manage. But unless you're doing something unusual with your security, it's just a matter of preference.