Hi Cyber, Thanks for taking the time to answer my question

I'm afraid I haven't stated my situation clear enough, or maybe I'm making a wrong assumption.

I'm not working with passive checks, my zabbix-server doesn't know on which ports the zabbix-agents are listening, my zabbix-server is passive. The zabbix-agents are actively approaching the zabbix-server with a json request and the zabbix-trapper (on the zabbix-server) traps the request and sends a response back to the agent on the same port (port 10051 for agent1). According to the documentation, when using active checks:

1. Agent opens a TCP connection
2. Agent asks for the list of checks
3. Server responds with a list of items (item key, delay)
4. Agent parses the response
5. TCP connection is closed
6. Agent starts periodical collection of data

Above is the initial startup of the agent (or when the RefreshActiveChecks time has passed), active checks are added on the agent side, data is then collected and (actively) send to the zabbix-server through the same port in a new connection:

1. Agent opens a TCP connection
2. Agent sends a list of values
3. Server processes the data and sends the status back
4. TCP connection is closed

When I say ListenPort, I'm talking about the setting in zabbix_server.conf on my zabbix-server, because in my environment the zabbix-server is passively listening to the agents. The default for this port is 10051, which correspondents with the default port for active checks for zabbix-agents. The default port for listening for a zabbix-agent is 10050 and it is a closed port both on my zabbix-server and on my hosts, I'm not using this port because I don't use passive checks.

Because I'm introducing a host with a second zabbix-agent and I want the agent2 to approach a different server through a different port. Agent1 is already using port 10051 to correspondent with my client's zabbix-server, so I assumed agent2 should use a different port: 10052, if that is true my zabbix-server should also listen on port 10052 for this specific agent. Maybe this is based on a wrong assumption on my part... As far as I know zabbix uses TCP for active checks and you can't use the same TCP port for multiple processes. Why would that be different with zabbix-agents?

So I think I'm still looking for how I can make my zabbix-server listen on multiple ports. But

Thanks again : )

Great, thanks for the response!

Of course! I had assumed the ServerActive setting in zabbix_agent.conf sets the outgoing port, but obviously it sets the port on which to connect. LOL
I'll try it out and let you know the result.


I was talking about the setting ListenPort in the zabbix_server.conf file; it's really there, just take a look In the docs it specifies it is the listenport for the zabbix-trapper. You're right that all my zabbix-agents have a .conf file with a ListenPort setting as well, but it's commented out (making it default) and port 10050 is blocked by the firewall. All zabbix-agents I've got running are not passive but active. All templates I use have active items, there are no passive checks. Might not be the most regular use of Zabbix-agents, but it allows me to close ports for incoming traffic. Which is a vulnerability less to worry about.

Great it works, You where right; I just had to make a new conf file, zabbix_agentd_2.conf, copy the PIDfile chown it to zabbix user and adjust the settings to have the correct Hostname, ServerActive, LogFile and UserParameters. Then it started using zabbix_agentd -c /etc/zabbix/zabbix_agentd_2.conf

Thanks Cyber!

This is the answer to my initial question. however I realize now that is was the wrong question to solve my problem xD

EDIT: My posts here are out of sequence due to human error and restoring of posts, try to fit them between other posts in thread, you should get a bit more clear picture.

Why do you want your server to listen on multiple ports... you don't need it. You can run multiple instances of agent on one server, they just need to use different listening port. You can configure each of them to send their data to different server. Your server does not need any different port for listening to that agent. Your server only needs to know, that agent is listening on that particular port.

agent1: listens on 10051: sends data to Server1:10050
agent2:listens on 10052: sends data to Server2:10050
...
agent N: listens on some port: sends data to ServerN:10050

when starting up different instance, you need to specify, which config file to use with -c --config <config-file>
OTHER AGENT OPTIONS


It is possible to run multiple instances of the agent on a host. A single instance can use the default configuration file or a configuration file specified in the command line. In case of multiple instances each agent instance must have its own configuration file (one of the instances can use the default configuration file).
https://www.zabbix.com/documentation...concepts/agent

yea, in that sense, I really screwed up ports in my post... was doing something else on the side...
you are correct... server default is 10051 and agent default is 10050

but the rest of it in your post ... its off by a mile... agents listening port is for incoming connections (ListenPort - Agent will listen on this port for connections from the server.). IF your server tries to connect (for example send config to passive agent) it will connect to that port.

Agents outgoing connection is not done from the same port, its done using any available port (I think the same 1024-32767 range applies) but it will connect to Server:10051 and send its data.

Now... IF you have multiple instances of agent on your host... one on default 10050, other on 10051, third 10055 etc... all those agent instances have their own config, where you may specify different servers, where to send... Even if that agent is listening on 10055 port, it does not mean, that your server has to do the same... Your server is still listening on port 10051...

Let me try again with that..
agent1: listens on 10050: sends data to Server1:10051
agent2:listens on 10051: sends data to Server2:10051
...
agent N: listens on some port: sends data to ServerN:10051

Of course ListenPort is there for Server also, but it will just tell, which port your server is listening on (technically its trapper port, yes, trappers are utilized to process incoming data) and you cannot have several of those...

At least you read docs before asking.... seems to become a rare thing nowadays.