Understanding DNS A Record with Examples
Updated: Sep 17
DNS A record maps a domain name to the IP address (Version 4) of the server hosting the domain. The "A" stands for "address". DNS A record indicates the IP address of a given domain.
DNS A record is the most fundamental type of DNS record. It is one of the primary records used in DNS servers.
DNS A record only holds IPv4 addresses. If a server has an IPv6 address, it will instead use an "AAAA" record.
DNS A record is specified by RFC 1035.
When do we use an A record in DNS?
The most common usage of A records is IP address lookups: matching a domain name (like "howtouselinux.com") to an IPv4 address.
This enables a user's device to connect with and load a website, without the user memorizing and typing in the actual IP address. The user's web browser automatically carries this out by sending a query to a DNS resolver.
DNS A records are ideal for pointing our domain (or subdomain) to a server that has a static IPV4 address. To point to an IPV6 address we would need to use an AAAA record.
Example of DNS A record
We have two A records in this example.
howtouselinux.com record type: value: TTL @ A 192.0.2.1 14400 blog A 192.0.2.2 14400
howtouselinux.com => A => 192.0.2.1 blog.howtouselinux.com => A => 192.0.2.2
The "@" symbol in this example indicates that this is a record for the root domain, and the "14400" value is the TTL (time to live), listed in seconds.
The default TTL for A records is 14,400 seconds. This means that if an A record gets updated, it takes 240 minutes (14,400 seconds) to take effect.
Blog is the subdomain of howtouselinux.com. It points to another IP address.
One domain can have Multiple A records
The vast majority of hostnames only have one A record, but it is possible to have several. Some higher-profile servers will have several different A records as part of a technique called round-robin load balancing, which can distribute request traffic to one of several IP addresses, each hosting identical content.
For example, google.com has several IPs.
google.com. 0 IN A 220.127.116.11 google.com. 0 IN A 18.104.22.168 google.com. 0 IN A 22.214.171.124 google.com. 0 IN A 126.96.36.199 google.com. 0 IN A 188.8.131.52 google.com. 0 IN A 184.108.40.206
One domain can have multiple A records in order to provide redundancy and fallbacks.
Multiple names could point to the same address. Each would have its own A record pointing to that same IP address.
Different Domain Name can have Same A Record
In name-based virtual hosting, also called shared IP hosting, the virtual hosts serve multiple hostnames on a single machine with a single IP address.
This is possible because when a web browser requests a resource from a web server using HTTP/1.1 it includes the requested hostname as part of the request. The server uses this information to determine which website to show the user.
So many domains share the same A Record with other domains.
How can we use a DNS A record for a subdomain?
For subdomains, we can add other A records for them. Each subdomain can have a A record.
For cases where an A record is preferred, we can point a particular subdomain to an IPV4 address follow this pattern:
www 10800 IN A 220.127.116.11
This record points only to the subdomain www, so visits to www.example.com will go to this IP address.
What is wildcard DNS A record?
It is also technically possible to create a wildcard A record:
* 10800 IN A 18.104.22.168
This will point any unassigned subdomains to the IP address listed. It will not override other records for specific subdomains, but it will allow a visitor to reach the given IP address by by typing any other combination of letters or words as a subdomain. However, creating a wildcard A record has some potential downfalls.
First, not all situations will support wildcard A records. A wildcard A record will only work if the server and our extension both support this kind of record.
Second, since any possible subdomain will go to our main site, it makes it possible for someone to use an unflattering subdomain as a valid link to our site, such as thisisabadexample.example.com.
DNS A record Lookup
We can use dig to determine the A record associated to a domain name. The result is contained in the ANSWER section. It contains the fully-qualified domain name (FQDN), the remaining time-to-live (TTL), and the IP address.
We can use this command to query A record for a domain name.
$ dig google.com ; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> google.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6794 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;google.com. IN A ;; ANSWER SECTION: google.com. 299 IN A 22.214.171.124 ;; Query time: 7 msec ;; SERVER: 10.248.182.164#53(10.248.182.164) ;; WHEN: Wed Jun 23 13:54:31 UTC 2021 ;; MSG SIZE rcvd: 55
Capture DNS Packets with tcpdump command
20:11:00.466866 IP 10.79.98.233.54127 > 126.96.36.199.53: 60712+ [1au] A? google.com. (39)
This is the packet we get from the DNS server for this DNS query.
20:11:00.560294 IP 188.8.131.52.53 > 10.79.98.233.54127: 60712 6/4/1 A 184.108.40.206, A 220.127.116.11, A 18.104.22.168, A 22.214.171.124, A 126.96.36.199, A 188.8.131.52 (207)