What Is an SVCB Record

Learn how SVCB records enable service binding and discovery for any protocol. Includes examples for the DNScale dashboard and API.

An SVCB (Service Binding) record is a general-purpose DNS record type that provides connection parameters for any service. It enables clients to discover service endpoints along with their configuration—protocol versions, ports, and IP hints—in a single DNS query.

How SVCB Records Work

SVCB records provide a flexible framework for service discovery:

_myservice._tcp.example.com.    3600    SVCB    1 . alpn="myproto" port=8080

This tells clients: "To connect to myservice over TCP, use protocol 'myproto' on port 8080."

SVCB vs HTTPS Records

Record	Purpose	Use Case
HTTPS	Service binding for HTTPS	Web servers, APIs
SVCB	Service binding for any protocol	Custom protocols, non-HTTP services

HTTPS records are essentially SVCB records with a predefined scheme (https). The record format is identical.

Record Components

Priority

0 = Alias mode (redirect to another name)
1-65535 = Service mode (provide connection parameters)

Target

. = Use the query name
hostname = Use a different host

Service Parameters (SvcParams)

Parameter	Description	Example
`alpn`	Application protocols	`myproto`
`port`	Service port	`8080`
`ipv4hint`	IPv4 address hints	`192.0.2.1`
`ipv6hint`	IPv6 address hints	`2001:db8::1`
`no-default-alpn`	No default protocol	(flag)
`mandatory`	Required parameters	(list)

Common Use Cases

Custom Application Protocol

_myapp._tcp.example.com.    3600    SVCB    1 . alpn="myproto/1.0" port=9000

DoH (DNS over HTTPS)

_dns.example.com.    3600    SVCB    1 . alpn="h2" port=443 dohpath="/dns-query"

DoT (DNS over TLS)

_dns.example.com.    3600    SVCB    1 . alpn="dot" port=853

WebSocket Service

_websocket._tcp.example.com.    3600    SVCB    1 ws.example.com. alpn="h2,h3" port=443

Service with Multiple Endpoints

_api._tcp.example.com.    3600    SVCB    1 api1.example.com. port=443
_api._tcp.example.com.    3600    SVCB    2 api2.example.com. port=443
_api._tcp.example.com.    3600    SVCB    3 backup.example.com. port=8443

Alias Mode (Service CNAME)

_service._tcp.example.com.    3600    SVCB    0 _service._tcp.provider.com.

Record Format

Field	Description	Example
Name	Service name	`_service._tcp.domain`
Type	Record type	`SVCB`
Priority	Service priority	`1`
Target	Target hostname	`.` or hostname
Params	Service parameters	`alpn="proto" port=8080`
TTL	Time to live (seconds)	`3600`

Adding an SVCB Record

Using the Dashboard

Navigate to your zone in the DNScale dashboard
Click Add Record
Configure the record:
- Name: Enter the service name (e.g., _myservice._tcp)
- Type: Select SVCB
- Priority: Set priority (1 for primary, 0 for alias mode)
- Target: Use . for same name or enter target hostname
- ALPN: Enter protocols (optional)
- Port: Enter service port (optional)
- IPv4 Hint: (Optional) IPv4 address
- IPv6 Hint: (Optional) IPv6 address
- TTL: Set the cache duration (default: 3600)
Click Create Record

Using the API

Create a basic SVCB record:

curl -X POST "https://api.dnscale.eu/v1/zones/{zone_id}/records" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "_myservice._tcp",
    "type": "SVCB",
    "content": "1 . port=9000",
    "ttl": 3600
  }'

With ALPN and IP hints:

curl -X POST "https://api.dnscale.eu/v1/zones/{zone_id}/records" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "_api._tcp",
    "type": "SVCB",
    "content": "1 . alpn=\"myproto\" port=8443 ipv4hint=192.0.2.1",
    "ttl": 3600
  }'

Multiple priorities for failover:

# Primary endpoint
curl -X POST "https://api.dnscale.eu/v1/zones/{zone_id}/records" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "_service._tcp",
    "type": "SVCB",
    "content": "1 primary.example.com. port=443",
    "ttl": 3600
  }'
 
# Backup endpoint
curl -X POST "https://api.dnscale.eu/v1/zones/{zone_id}/records" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "_service._tcp",
    "type": "SVCB",
    "content": "2 backup.example.com. port=443",
    "ttl": 3600
  }'

Alias mode:

curl -X POST "https://api.dnscale.eu/v1/zones/{zone_id}/records" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "_myservice._tcp",
    "type": "SVCB",
    "content": "0 _myservice._tcp.provider.com",
    "ttl": 3600
  }'

API Response:

{
  "status": "success",
  "data": {
    "message": "Record created successfully",
    "record": {
      "id": "encoded-record-id",
      "name": "_myservice._tcp.example.com.",
      "type": "SVCB",
      "content": "1 . alpn=\"myproto\" port=8443",
      "ttl": 3600,
      "disabled": false
    }
  }
}

Priority and Failover

SVCB records with different priorities enable failover:

_service._tcp.example.com.    SVCB    1 primary.example.com. port=443
_service._tcp.example.com.    SVCB    2 secondary.example.com. port=443
_service._tcp.example.com.    SVCB    10 backup.example.com. port=8443

Clients try priority 1 first
If unavailable, try priority 2
Priority 10 is last resort

Same priority = client chooses randomly (load balancing).

SVCB Naming Conventions

For services following RFC conventions:

_service._protocol.domain
 
Examples:
_https._tcp.example.com.     ; HTTPS (though HTTPS record is preferred)
_imaps._tcp.example.com.     ; IMAPS
_submissions._tcp.example.com. ; SMTP submission
_dns._udp.example.com.       ; DNS over UDP

Alias Mode vs Service Mode

Alias Mode (Priority 0)

Redirects to another SVCB/HTTPS record:

_service._tcp.example.com.    SVCB    0 _service._tcp.provider.com.

Like CNAME, but for service binding
No parameters allowed
Must have a target hostname

Service Mode (Priority 1+)

Provides direct service parameters:

_service._tcp.example.com.    SVCB    1 . port=8080

Contains connection details
Can use . for same name
Supports all parameters

Best Practices

Use HTTPS record for web - For HTTP/HTTPS services, use the HTTPS record type
Include essential parameters - At minimum, specify port if non-standard
Plan for failover - Use multiple priorities for high availability
Keep A/AAAA records - SVCB supplements but doesn't replace address records
Use IP hints for performance - Reduce DNS round trips with ipv4hint/ipv6hint
Follow naming conventions - Use _service._protocol.domain format

Testing SVCB Records

# Query SVCB records
dig SVCB _myservice._tcp.example.com
 
# With detailed output
dig SVCB _myservice._tcp.example.com +short
 
# Check specific nameserver
dig SVCB _myservice._tcp.example.com @ns1.dnscale.eu

HTTPS - SVCB specifically for HTTPS
SRV - Legacy service discovery
A - IPv4 addresses
AAAA - IPv6 addresses

Conclusion

SVCB records provide a modern, flexible framework for service discovery that goes beyond traditional SRV records. With support for protocol negotiation, port specification, and IP hints, SVCB enables efficient service connections with minimal round trips. While HTTPS records are preferred for web services, SVCB is ideal for custom protocols and non-HTTP services. DNScale's comprehensive SVCB support lets you configure sophisticated service discovery for any application.