openssh unix dev - May 2025 - OpenSSH (ssh or sftp) client support of DNS SRV records

And a connection will fail if one of the round robin servers is down if
that's the address given on a resolution, vs SRV entries knowing which
servers to try (in order) if any server fails.
________________________________
From: SCOTT FIELDS <Scott.Fields at kyndryl.com>
Sent: Monday, May 12, 2025 2:43 PM
To: Travis Hayes <travis.hayes at gmail.com>
Cc: Herbie via openssh-unix-dev Robinson <openssh-unix-dev at mindrot.org>
Subject: Re: [EXTERNAL] Re: OpenSSH (ssh or sftp) client support of DNS SRV
records

The problem with DNS round robin definitions (having an A/AAAA record with
multiple addresses) is you don't have load preference rules that are
associated with SRV records.
________________________________
From: Travis Hayes <travis.hayes at gmail.com>
Sent: Monday, May 12, 2025 2:37 PM
To: SCOTT FIELDS <Scott.Fields at kyndryl.com>
Cc: Herbie via openssh-unix-dev Robinson <openssh-unix-dev at mindrot.org>
Subject: [EXTERNAL] Re: OpenSSH (ssh or sftp) client support of DNS SRV records
> On May 12, 2025, at 13:29, SCOTT FIELDS via openssh-unix-dev
<openssh-unix-dev at mindrot.org> wrote:
>
> ?This was discussed some time ago (SRV lookup support (Bugzilla 2217)), but
I'd like to revisit.
>
> I would find value in using a multi-homed SSH/SFTP homed server solution
that's not tied to a specific DNS IP address.
>
> Most solutions I'm aware of use a port forwarding load-balancer
solution.
>
> And some newer solutions are using DNS based load balancers.
>
> The advantage of using a SRV record solution is you don't have to
invest in a port-forwarding solution or even a DNS load balancer and still be
able to leverage having multiple redundant SSH servers.
>
> I don't see any follow-up. and not sure if any reason was put forward
why it's a bad idea.
>
> The front end code already exists in other products that already leverage
this. 'sendmail' is the most obvious example.
>
> AKA,
>
> You have the following SRV records:
>
> _ssh._tcp.<mydomain.com>
>
> _ssh._tcp.<mydomain.com has SRV record 0 110 123
sshserver1.<mydomain.com
> _ssh._tcp.<mydomain.com has SRV record 0 110 123
sshserver2.<mydomain.com
> _ssh._tcp.<mydomain.com has SRV record 0 110 123
sshserver3.<mydomain.com
>
> And the client can determine the SSH servers available in the domain, if
present and use the load balancing rules to decide which to connect to.
>
> Scott Fields
> Kyndryl
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev 
Would your use case be specifically for SRV records, or would A or AAAA records
with multiple IPs satisfy it?

I?m not sure how this would be useful to me, but I do see how a cluster of SFTP
servers might?