True! I will think about it.
As for round-robin DNS, I agree with you but for sure the caching issue does not make it very robust.
Also, what I like in client-side load-balancing is the low DNS maintenance needed to make it work as it is only used to get the seed list.
As an alternative solution, I thought about renting an IP block from my provider, allocating the whole block to my front-end servers, buying a certificate with all IPs declared in the SAN fields, and installing it on all servers. I would lose automation à la Let’s Encrypt but I guess it would work?
Just for my understanding, what is the rationale behind not allowing one to add the IP addresses present in the DNS record? Is there a security issue?
Anyway, thank you very much for your help and time, I better understand the problem now.