Alexey Zakhlestin's Blog

Programming for Mac and Web

DNS SRV-records Support in HTTP-browsers


Ten years ago, today, on september 20, 1999 bug titled “DNS: RFC 2782 not supported (SRV records)” was submitted to Mozilla. Today, in 2009, bug has patch attached, but it is not committed and waits for approval. I doubt, that is the longest-living bug in mozilla, but, still, 10 years is a great age for a bug. Let’s party! :)

Now, some of my readers, are probably asking themselves: what is it all about? why is this bug important? Ok. Let’s find out!

How does browser usually find which server to ask, when you enter URL? Well, at first, it parses out protocol and domain name from URL. For example, if URL is then protocol is http and domain name is After that, browser sends request for “A” type record to DNS server and server replies with IP address (or several IP addresses). After that, browser tries to open connection with these addresses one by one, until it finds one which really works. Hopefully, first one will work, but sometimes each one will fail; In this case, browser will show us an error.

“A” records have the following format:

    hostname    IN  A   ip-address  time-to-live

For basic cases, this scheme seems to work just fine, but it has some inherent flaws, when you start to think about scalability.

  1. It is impossible to map different services on the same domain-name to different servers. For example: I can’t have FTP and HTTP servers responding on and, at the same time, located on different physical machines. My only option would be some kind of router, which would forward requests on different ports to different IP’s.

  2. It is impossible to map service to specific port of server. Browsers just looks for TCP-connection on port 80 while using HTTP, for example.

  3. It is impossible to implement sophisticated load-balancing rules in DNS. Having several A-records in DNS just gives possibility to have equal-load of several machines, nothing fancy.

It is an interesting fact, that all this problems are solved long time ago for one specific protocol called SMTP (yes, the one which delivers emails all around the globe). SMTP uses special kind of DNS-records called “MX” which allow to specify which machine(s) are waiting for SMTP-connections targeted to domain name and allow to specify priority of these machines, so, at first, clients will try to access machines with high priority and in case of problems will fallback to low-priority ones. So, MX records make email-infrastructure seriously more robust and scalable then anything else. Why such special treatment?

“MX” records have the following format:

    domainname  IN  MX  priority    hostname  time-to-live

Here, RFC 2782 comes on scene. Idea of this standard is to achieve similiar flexibility for any protocol used on internet.

“SRV” records allow to specify that specific application protocol, used over specific transport protocol of this domainname is handled by several servers on specific ports with various priority. That is as flexible as it can be. Let me throw some examples: 86400 IN SRV 0 5 81 86400 IN SRV 0 5 80 86400 IN SRV 1 9 81 86400 IN SRV 1 1 8000

These four records tell browser, that:

  • HTTP-over-TCP connections for “” domain are handled by 4 servers: on port 81, on port 80, on port 81 and on port 8000.

  • and have priority “0” (highest), so should be first to try. Both have weight “5”, which means, that they have 50% chance to be selected by client (equal load)

  • In case both of these are not reachable, browser should check lower-priority servers and, but www-backup.example com should be preferred in 9 out of 10 cases (it has weight=9, while another one has weight=1).

Sounds pretty cool, but, unfortunately, this technology is still not implemented in any of the browsers. Mozilla(Firefox) has this bug for 10 years, WebKit has this bug for 3+ years and Chromium has this bug since today.

There is no need for special support on webserver-side — that’s a good side of this technology too. Just add relevant records to DNS-server and all compliant clients will see it.

At the moment, SRV-records are widely used by XMPP/Jabber, SIP, LDAP software and Kerberos. I believe, any protocol in use can benefit.