I would assume the same, something with name resolution.. But what exactly... I have no idea..
Hardcode it in hosts file?

I really don't want to do that, because then I'd need to keep this in sync on all the devices. And some devices don't even have /etc/hosts (although those don't have agent either).

I suspected it might be some IPv4 vs. IPv6 confusion (because the error message explicitly mentions only the IPv4 address). I tried to disable IPv6 in the LAN, I'll see if that makes a difference. But if that was the case, I'd have expected many other people to have the same issue.

About 24h since I disabled IPv6, and not a single alert about agent not being available. Alerts about ICMP packet loss went away too (surprising, I attributed those to VPS issues).

I don't "need" IPv6 in my small home network, but I also don't see why this shouldn't work. Is there anything special people do to make Zabbix work with IPv6 enabled?

Hi!
The key is in this line from the agent log:
The Zabbix agent checks the IP address, but your configuration file contains a name: "server=zabbix.lan"
When the agent starts, it attempts to translate zabbix.lan to IP itself and remembers which IPs it can connect from.
In my opinion, it is worth trying this method. Just edit zabbux_agent2.conf or zabbix_agentd.conf (in path /etc/zabbix/zabbix_agent2.conf or zabbix_agentd.conf):
Then just restart agent:
If you want to use the name, make sure that the command
returns exactly 192.168.1.125, and not some other address.

Good luck!

But isn't that the whole problem with IPv6 enabled?

I don't want to hardcode IP addresses into config files. I want to use hostnames, because that's why hostnames exist, pretty much. And with IPv6 disabled, this seems to work perfectly fine.

With IPv6 enabled, it probably happens that the hostname gets translated into an IP address, and it grabs the IPv6 one. But the real connection comes through IPv4, and so it fails. (This is just a guess.)

Let's say I set "Server=" to the IPv4 address. Then all connections coming through IPv6 (because why not?) will fail the same way.

Shouldn't the source IP check allow any IP assigned to the hostname?

I hit the "agent not available" issue again, even with ipv6 disabled - maybe it makes it more likely, but it does not seem to be the root cause.

After searching for a bit, I found this thread from about a year ago: https://www.zabbix.com/forum/zabbix-...355#post489355

That suggests the built-in DNS resolver may have issues with delayed responses from upstream, treating slow responses as NXDOMAIN. Not sure if this is (still) true, but it would explain the symptoms. I've been using a local resolver to cache the DNS information, which should make such delays rare. But it seems systemd-resolved may be having a similar issue with delays, adding them as negative entries into the cache (in which case it stays broken for a while).

Of course, those are speculations / guesses, but after struggling with systemd-resolved for a while I tried switching to "unbound", with disabled cache for negative entries. And that seems to be working fine so far.

I have not tried enabling ipv6 again yet. I'll let it run for a while, before trying that.