Disclaimer: since I'm not a Zabbix employee, I won't have edit access to this issue description after submitting it. If I feel the need to supplement/modify this feature request somehow, I'll have to do that in the comments, so be sure to read the comments as well. I didn't find this idea in an existing issue so here we go.
 
Currently, since the introduction of proxy load balancing in Zabbix 7.0, it is possible to configure an active agent with only one proxy IP/DNS name (from the proxy group) in ServerActive, and there is redirection protocol that guides the agent to the correct proxy within the same proxy group. This makes adding more proxies to the group easy as you don't have to add them to all agents manually (= outside of Zabbix).
 
This of course requires that the one proxy that is configured on the agent(s) is still up and part of the correct proxy group.
 
How about extending this same concept with a new Zabbix component that exists just to guide the agents to their correct proxy or proxies (or server)?
 
I'll call it now Zabbix Redirector.
 
The idea is that the agents are configured with just one IP or DNS name (= the Redirector) in ServerActive (but there can be more than one if required). That redirector is paired with the Zabbix server (or maybe even proxies, to prevent the need for direct connectivity with the server), and it receives the knowledge about all configured hosts in Zabbix from the server/proxies. When an agent contacts the Redirector, it receives a redirection response from the Redirector that guides the agent to the correct server/proxy/proxies, and it can then proceed to get the current configuration and can start monitoring.
 
The Redirector(s) should be reachable from the active agents by IP or DNS name, for example, zabbixredirector.example.com. The Example organization would internally take care that all active agents are able to resolve that name and connect to its address, and from there on the agents automatically get the correct proxy/server address(es) where they should connect to. The Redirector(s) can also be behind some kind of local or global load balancing for reachability and/or redundancy reasons.
 
The Redirector is very lightweight as it does not handle any data or item configurations that the agents send or receive. It only needs to handle the host-to-proxy/server mapping data and the occasional agent requests.
 
The Redirector provides flexibility for deploying and reconfiguring Zabbix proxies: adding more proxies or moving the agents to different proxies is now centrally managed as no change is required on agents' ServerActive directive.
 
If the agent is moved away (by the Zabbix configuration) from the current proxy/proxy group/server, it will next time get a rejection from the previously selected proxy/server and then the agent can automatically revert back to ServerActive configuration, to again connect to the Redirector.
 
At any agent restart it will use the ServerActive directive in any case. Not sure if periodical recheck with the Redirector would be needed as well, maybe not.
 
The agent-side behavior is thus pretty much the same as with the existing 7.0+ proxy load balancing.
 
Security (like encryption or authentication requirements) should be considered with Redirector connectivity, just like with proxy or other Zabbix component connectivity, I'm quite sure Zabbix people are well aware of details to consider here.
 
Agent version dependency: version 7.0 or newer is required for the redirection messages to be understood. Older agents still need to be configured as earlier and they cannot use the Redirector (just like they cannot use proxy load balancing either).