ZWave feature compatibility

As I am ramping up my smart home setup I am noticing that even though all Zwave is backwards compatible, it has quite a few sets of features. While I don’t care about most of these features, I would like to make sure the devices still talk to each other optimally.
I am buying that all Zwave-plus devices, but some are missing S2 settings

Are devices lacking S2 able to act as repeaters for S2 enabled devices: aka, does the whole route have to be S2 enabled ?
I notice that the new 700 series chip is touting crazy long ranges.
Is there an upside to buying 700 chip devices to act as repeaters ? (hub is ST v3, thus 500 series and all other devices are 500).

Thanks for the info.

Simplest rule of thumb: you’ll get the benefit of the newer features, including longer range, only when both devices at each end of the message support those newer features. And sometimes the hub also has to as well.

The repeater with longer range isn’t going to help you if the device it’s talking to can’t get the message back that far.

With zwave, “backwards compatibility“ generally means “lowest common denominator“ meaning that the newer device will fall back to acting like an older device.

Security deviates from this, but not in a way that helps you. It is actually no longer possible to associate an older generation zwave device that doesn’t support S2 security with a device that is using S2 security. This means the newer device is NOT “ Backwards compatible“ unless you configure it as unsecured. That’s not the way the concept of backwards compatibility used to work in Zwave, but it’s not surprising, security with most other protocols works in a similar fashion. You can’t add a device as highly secure and then get it to act like it’s not as secure because it’s talking to another device which is not as secure. So it all makes sense, but it is just something to be aware of.

My personal strategy, as someone who has worked with Zwave since the third generation, is to “lead with the hub.“ I wouldn’t buy series 700 devices to work with a series 500 hub, but you can do it if you want to.

And As someone who was a field tech, not a hobbyist, I tend to go for “state of the craft” rather than “state of the art” anyway. My stuff is usually 6 to 12 months behind whatever is the newest because I want stability rather than bragging rights. But that’s a personal decision. And every once a while I do get something brand new because there’s a feature I really want. So it’s not a hard and fast rule, it’s just a guideline for what will typically make my life easier. :sunglasses:

Thanks for the info.
This whole security things is a bit of a headache :slight_smile:
What I got: Security does not play a role in the ability of a node to route, but an un-secure node will downgrade security for the whole chain (no shocking).
What security might impact though, is that the device could decide to withhold functionality given a lower security level.

Not exactly. That’s what happens with other features under the backwards compatibility concept.

S2 security is Handled differently. Once a Nonhub Z wave device is configured with S2 level security it will no longer communicate to devices which do not support S2 level security, including repeaters.

They can both belong to the same network and talk to the same hub, But they won’t talk to each other.

That’s why you need to have some S2 repeaters If you are going to have any devices configured for S2 level security, because those devices won’t use your other repeaters.

For other zwave features, though, it works the way you describe, The newer device falls back to the older level when talking to the other device. So Z wave plus devices can route their messages through a Z wave classic repeater, no issue. as long as everything is at the same security level.

My devices report an assortment of : ZWAVE_S2_FAILED and ZWAVE_LEGACY_NON_SECURE codes in
even though some devices the “failed” device state that they support S2 (think STv3 implements S2 security)

Any insight ?

First, when you post in the forum, always use the universal URL, instead of the specific shard that you are on.

The universal URL:

FAQ: How to find out what "shard" (cloud slice IDE URL) your Account / Location is on?

There’s a difference between “is capable of” and “is using.”

When you see “Z wave_S2_failed“ That normally means the device is capable of joining with S2 security enabled but it didn’t happen at the time that you joined it so it is not using that level. That could’ve been a failed pairing, it could’ve been intentional on your part.

“Legacy non-secure“ devices are older devices which are not capable of joining with S2 security enabled.

How do I fix the fixable ones ? :slight_smile:
Exclude / re-pair ?