Introduction MongoDB connection strings using the `mongodb+srv://` protocol rely on DNS SRV records to discover the replica set members. When DNS resolution fails—due to misconfigured records, DNS resolver issues, or firewall blocking—the application cannot connect to any MongoDB nodes, even though the individual nodes are reachable.

Symptoms - `MongoServerSelectionError: getaddrinfo ENOTFOUND` or `querySrv ENOTFOUND` - `MongoParseError: Error querying DNS records` - Connection works with standard `mongodb://` URI but fails with `mongodb+srv://` - `dig` or `nslookup` for SRV records returns `SERVFAIL` or `NXDOMAIN` - Application fails to start with DNS resolution timeout

Common Causes - SRV record not created or has typos in the DNS zone - DNS resolver does not support SRV record queries (some corporate DNS) - Firewall blocking UDP port 53 DNS queries - DNS propagation delay after creating or modifying SRV records - Kubernetes DNS not resolving external SRV records correctly

Step-by-Step Fix 1. **Verify SRV record exists and is correct": ```bash # Query the SRV record dig SRV _mongodb._tcp.cluster0.example.com

# Expected output: # _mongodb._tcp.cluster0.example.com. 60 IN SRV 0 0 27017 mongo1.example.com. # _mongodb._tcp.cluster0.example.com. 60 IN SRV 0 0 27017 mongo2.example.com. # _mongodb._tcp.cluster0.example.com. 60 IN SRV 0 0 27017 mongo3.example.com.

# Also check the TXT record for replica set options dig TXT cluster0.example.com # Expected: "replicaSet=myReplicaSet&ssl=true" ```

  1. 1.**Test connectivity to resolved hosts":
  2. 2.```bash
  3. 3.# Get the resolved hostnames from the SRV record
  4. 4.nslookup -type=SRV _mongodb._tcp.cluster0.example.com

# Test TCP connectivity to each resolved host nc -zv mongo1.example.com 27017 nc -zv mongo2.example.com 27017 nc -zv mongo3.example.com 27017 ```

  1. 1.**Fall back to standard connection string if SRV fails":
  2. 2.`
  3. 3.# Instead of:
  4. 4.# mongodb+srv://user:pass@cluster0.example.com/mydb

# Use the resolved hosts directly: mongodb://user:pass@mongo1.example.com:27017,mongo2.example.com:27017,mongo3.example.com:27017/mydb?replicaSet=myReplicaSet&ssl=true ```

  1. 1.**Fix Kubernetes DNS resolution for SRV records":
  2. 2.```yaml
  3. 3.# In /etc/resolv.conf of the pod, ensure proper nameserver
  4. 4.apiVersion: v1
  5. 5.kind: ConfigMap
  6. 6.metadata:
  7. 7.name: dns-config
  8. 8.data:
  9. 9.resolv.conf: |
  10. 10.nameserver 8.8.8.8
  11. 11.nameserver 8.8.4.4
  12. 12.options ndots:5
  13. 13.`
  14. 14.**Configure Node.js DNS resolver":
  15. 15.```javascript
  16. 16.const { MongoClient } = require('mongodb');

// Force IPv4 resolution if dual-stack causes issues const client = new MongoClient(process.env.MONGODB_URI, { family: 4, // Force IPv4 serverSelectionTimeoutMS: 10000 });

await client.connect(); ```

Prevention - Test SRV record resolution as part of health checks and deployment pipelines - Include fallback connection strings (standard `mongodb://` format) in configuration - Use DNS monitoring to alert on SRV record resolution failures - Keep DNS TTL low (60 seconds) for quick updates during failover - For MongoDB Atlas, verify the cluster's network access list includes your application IPs - Document the direct host connection string as a disaster recovery fallback - Use a DNS provider that supports SRV records reliably (Route 53, Cloudflare)