I noticed that dig google.com produces four distinct IP addresses. What does that mean? It could be
- use any, doesn't matter
- try the first, if it doesn't respond, try the next (and so forth)
- or ...?
Or is this just supposed to be round-robin? (If so, why would it return 4 values, instead of just 1?)
I'm sort of hoping it means that browsers would try all four in sequence until they got one that works.
Here's what I'm getting: dig google.com:
;; QUESTION SECTION:`
;google.com. IN A
;; ANSWER SECTION:
google.com. 293 IN A 74.125.19.99
google.com. 293 IN A 74.125.19.103
google.com. 293 IN A 74.125.19.104
google.com. 293 IN A 74.125.19.147
;; AUTHORITY SECTION:
google.com. 81797 IN NS ns2.google.com.
google.com. 81797 IN NS ns4.google.com.
google.com. 81797 IN NS ns1.google.com.
google.com. 81797 IN NS ns3.google.com.
;; ADDITIONAL SECTION:
ns1.google.com. 255049 IN A 216.239.32.10
ns2.google.com. 230304 IN A 216.239.34.10
ns3.google.com. 231860 IN A 216.239.36.10
ns4.google.com. 58735 IN A 216.239.38.10`
It is round robin. You see all 4 when you dig it, because dig asks the DNS server to return all records for that name.
dig google.comreturns only 1 ANSWER (EDIT: This is in my case but can be different depending on where you are located - thanks to MarkM comment below), the 4 other you see are in Authority section or Additional sections and they are the Name Servers names and IPs and notgoogle.comIP. google.com IP is in Answer section:64.233.163.104:So 1 ANSWER, 4 AUTHORITY and 4 ADDITIONAL:
It means that the name google.com resolves to 4 different ip addresses. It actually resolves to many more, but you got 4 of them. For all practical purposes the 4 ips are interchangeable. However, whether a browser will try them in sequence until one works is wholly dependent on the browser. And some browsers cache results themselves, and are known to ignore ttl, so be careful trying to predict what a browser will do.