On Thu, Mar 12, 2026 at 9:01 AM Alastair Turner <[email protected]> wrote: > Administering A records with multiple IP addresses is also a simpler, flat > process.
I agree, but I'm arguing that this architectural simplicity is also architecturally unsound. > I'd say that the boundary has moved - from "find me an endpoint from this > list of hosts with these characteristics" to "find me an endpoint from this > list of IPs with these characteristics" - rather than that they've become > tangled. "Connect me to this list of addresses as fast as possible" still > sounds like a good place to be. I'm uncomfortable redefining "host" in our code as a bag of arbitrary unrelated IP addresses. Here are some similar feature requests, adjusted to be more obviously problematic IMO, which should hopefully give you heartburn. - "I want libpq to try the next IP address if I try to connect to example.net and it gives me a certificate for evil.example.com." - "Ditto, if the certificate chain I'm served is completely invalid." - "Ditto, if the server cert is valid but it doesn't speak the postgresql ALPN." These are all indications that something is dangerously wrong with the entire *host*, and I think we should not continue in any of those cases. --Jacob
