While Zabbix currently defaults to TCP for communication, the Stream Control Transmission Protocol (SCTP) offers several architectural advantages that address common pain points in large-scale monitoring environments.

Multi-homing (Redundancy & Resilience):

• It supports multiple IP addresses for a single connection (Multi-homing)
• SCTP can transparently failover to the backup path without dropping the session

Multi-streaming (Solving Head-of-Line Blocking)

• In TCP, all data is sent in a single stream. If one packet is lost, all subsequent data must wait for the retransmission, even if those later packets are unrelated. This is known as Head-of-Line (HoL) blocking
• SCTP  allows for multiple independent streams within one association
• A Zabbix Proxy might be sending critical high-priority triggers and low-priority historical bulk data (History Data) simultaneously.

Message-Oriented Delivery

• TCP is a byte-stream protocol; it doesn't know where one Zabbix JSON packet ends and the next begins. The application has to do the "heavy lifting" of framing the data.
• This simplifies the communication logic between the Agent and Server, as the protocol itself ensures that one "Check" or "Response" is delivered as a complete, distinct unit.

Resistance to "SYN Flooding"

• TCP uses a 3-way handshake that is vulnerable to SYN flood attacks because the server allocates resources before the connection is fully established
• SCTP uses a 4-way handshake with a "Cookie" mechanism. The server does not reserve resources until the client proves its identity by returning the cookie. This makes Zabbix Servers and Proxies significantly more resilient to Denial of Service (DoS) attacks from compromised agents or external actors.

 

https://www.geeksforgeeks.org/computer-networks/stream-control-transmission-protocol/