client.dns.lookup property options for client
If you are using DNS aliases, you need to configure the right value for the
client.dns.lookup property for your setup.
client.dns.lookup property is needed when DNS aliases are used. There
can be problems with any security protocol if the
is not set properly.
client.dns.lookup property can take the following values:
In this case, the client connects to the first broker it gets from the DNS response, even if that broker is down. If you only provided a single DNS alias as bootstrap server for the client, the client might be blocked because the mentioned hostname is resolved for multiple brokers where the first broker (to which the client connected) is actually stopped.
This setup takes care of retrying all the possible IP addresses behind a hostname if the first does not succeed. This setup is also good when brokers have multiple IP addresses and it is possible that those addresses change (especially in Kubernetes environments). This configuration does not handle the case when the hostname used by the client is not a real FQDN for a host. To avoid man-in-the-middle attacks, the client gets SSL handshake exceptions when using SSL and SASL authentication exceptions when using SASL. Since Kafka version 2.6, this is the default.
client.dns.lookup=resolve_canonical_bootstrap_servers_onlyThis setup ensures a behavior similar to
use_all_dns_ips, but it also handles the SSL and SASL problem. With this configuration, the client resolves the DNS alias into a list of brokers it maps to and after the bootstrap phase, this behaves the same as