Articles

Microservices Service Discovery: DNS vs Registry Patterns (2026)

April 18, 2026 6 min read

DNS as a service registry is surprisingly fragile and often a worse choice than dedicated solutions.

Let’s say you have three instances of your user-service:

  • user-service-1.prod.svc.cluster.local
  • user-service-2.prod.svc.cluster.local
  • user-service-3.prod.svc.cluster.local

When your order-service needs to talk to user-service, it typically performs a DNS lookup for user-service.prod.svc.cluster.local. The DNS server, in a Kubernetes environment for example, will resolve this to the IP addresses of the available user-service instances, often using round-robin or other basic load-balancing mechanisms.

Here’s how order-service might actually discover and connect to user-service:

# On the order-service pod, simulating a DNS lookup
nslookup user-service.prod.svc.cluster.local
Server:         10.43.0.10
Address:        10.43.0.10#53

Name:   user-service.prod.svc.cluster.local
Address: 10.1.2.3   # IP of user-service-1
Name:   user-service.prod.svc.cluster.local
Address: 10.1.2.4   # IP of user-service-2
Name:   user-service.prod.cluster.local
Address: 10.1.2.5   # IP of user-service-3

The order-service client then picks one of these IPs, say 10.1.2.3, and makes an HTTP request.

But what happens when user-service-2 crashes?

The Problem with DNS for Dynamic Environments

DNS is fundamentally a static, relatively slow-to-update system. When user-service-2 goes down, its IP address (10.1.2.4) remains in the DNS records for a while. This is due to DNS caching, both on the client side (the order-service pod) and at intermediate DNS resolvers.

If order-service has cached the DNS entry, it might continue to try and connect to 10.1.2.4 for a significant period, leading to connection errors or timeouts until the cache expires. Even if the cache is short, the DNS server itself might not be updated immediately by the orchestrator (like Kubernetes) when a pod dies. This propagation delay means your services can be trying to reach non-existent endpoints.

The Service Registry Pattern

A service registry is a dynamic database of available service instances. Services register themselves with the registry upon startup and deregister upon shutdown. Clients query the registry to find available instances of a service. This is a much more active and responsive mechanism.

Think of it like a real-time directory assistance service, not a printed phone book.

Components:

  1. Service Provider: The microservice instances (e.g., user-service pods).
  2. Service Registry: A central database (e.g., Consul, etcd, ZooKeeper, Eureka).
  3. Service Consumer: The microservice that needs to call other services (e.g., order-service pods).

Typical Flow:

  1. Registration: When a user-service instance starts, it registers itself with the service registry, providing its IP address, port, and any metadata.
  2. Discovery: When order-service needs to call user-service, it queries the service registry.
  3. Communication: The registry returns a list of healthy user-service instances. order-service picks one and communicates.
  4. Heartbeats/Health Checks: Registry providers typically send heartbeats to the registry. If heartbeats stop, the registry marks the instance as unhealthy and removes it from the list provided to consumers.

Example with Consul:

Let’s imagine user-service instances are running and registering with Consul.

Registration (simplified command from a user-service pod):

consul services register -name user-service -id user-service-1 -port 8080 -address 10.1.2.3
consul services register -name user-service -id user-service-2 -port 8080 -address 10.1.2.4
consul services register -name user-service -id user-service-3 -port 8080 -address 10.1.2.5

Discovery (from order-service pod’s perspective, using Consul client):

# Command to query Consul for user-service instances
consul services read --service user-service

Output (if all services are healthy):

[
  {
    "ID": "user-service-1",
    "Name": "user-service",
    "Tags": [],
    "Address": "10.1.2.3",
    "Port": 8080,
    "EnableTagOverride": false,
    "CreateTime": "2023-10-27T10:00:00Z",
    "ModifyTime": "2023-10-27T10:00:00Z",
    "HeartbeatFrom": ""
  },
  {
    "ID": "user-service-2",
    "Name": "user-service",
    "Tags": [],
    "Address": "10.1.2.4",
    "Port": 8080,
    "EnableTagOverride": false,
    "CreateTime": "2023-10-27T10:01:00Z",
    "ModifyTime": "2023-10-27T10:01:00Z",
    "HeartbeatFrom": ""
  },
  {
    "ID": "user-service-3",
    "Name": "user-service",
    "Tags": [],
    "Address": "10.1.2.5",
    "Port": 8080,
    "EnableTagOverride": false,
    "CreateTime": "2023-10-27T10:02:00Z",
    "ModifyTime": "2023-10-27T10:02:00Z",
    "HeartbeatFrom": ""
  }
]

Now, if user-service-2 crashes and stops sending heartbeats to Consul, Consul will automatically mark it unhealthy. The next time order-service queries Consul:

Output (after user-service-2 fails):

[
  {
    "ID": "user-service-1",
    "Name": "user-service",
    "Tags": [],
    "Address": "10.1.2.3",
    "Port": 8080,
    "EnableTagOverride": false,
    "CreateTime": "2023-10-27T10:00:00Z",
    "ModifyTime": "2023-10-27T10:00:00Z",
    "HeartbeatFrom": ""
  },
  {
    "ID": "user-service-3",
    "Name": "user-service",
    "Tags": [],
    "Address": "10.1.2.5",
    "Port": 8080,
    "EnableTagOverride": false,
    "CreateTime": "2023-10-27T10:02:00Z",
    "ModifyTime": "2023-10-27T10:02:00Z",
    "HeartbeatFrom": ""
  }
]

order-service will receive only the healthy instances and won’t attempt to connect to the dead user-service-2.

Why Service Registries are Better

  • Real-time Updates: Service registries are designed for frequent changes. Registration, deregistration, and health status updates happen in near real-time.
  • Health Checking: Most registries actively monitor service health through heartbeats or by running defined health checks. This ensures clients only get directed to healthy instances.
  • Rich Metadata: Registries can store more than just IP and port; they can store version information, deployment environments, capabilities, etc., allowing for more sophisticated routing.
  • Client-Side vs. Server-Side Discovery: While DNS is often used for client-side discovery (the client does the lookup), service registries can be integrated into client libraries (client-side) or used by an API gateway or load balancer (server-side).

The "Hidden" Complexity of DNS

What many overlook is that modern platforms like Kubernetes do use a form of service registry internally (often etcd) and then expose service discovery via DNS. However, this Kubernetes DNS (like CoreDNS) is designed to be highly dynamic, pulling state from the cluster’s API server which tracks pod health. This makes Kubernetes’s internal DNS much more robust than traditional DNS for service discovery.

The problem arises when you try to use plain DNS (like public DNS servers or even internal DNS not tightly coupled to your orchestrator) for service discovery in a dynamic microservices environment. This is where you hit the caching and slow-update issues.

When you need to discover services, especially in a cloud-native or containerized environment, a dedicated service registry pattern (like Consul, Eureka, or Kubernetes’s built-in service discovery) is almost always the more resilient and performant choice.

The next step after mastering service discovery is understanding how to implement intelligent routing based on service metadata.

Want structured learning?

Take the full Microservices course →