0

I am running a DNS query on www.wikipedia.org using Google's public resolver @8.8.8.8 using the mac terminal. I have to get the A records for the host and run the query a couple of times to notice any change to the A records.

dig @8.8.8.8 www.wikipedia.org

I've run the query about 10 times but I see nothing new happening. However, since the question asks for describing the change, I feel like I'm doing something wrong here.

Danny Boy
  • 11

3 Answers3

3

Since you didn't post any output to your command I'll show the answer section of two subsequent queries:

www.wikipedia.org.  21297   IN  CNAME   dyna.wikimedia.org.
dyna.wikimedia.org. 57      IN  A       91.198.174.192
                    ˆˆˆˆˆ

and

www.wikipedia.org.  21181   IN  CNAME   dyna.wikimedia.org.
dyna.wikimedia.org. 157     IN  A       91.198.174.192
                    ˆˆˆˆˆ

Notice that they are NOT identical. 4 of the 5 fields appear static, but one is definitely changing.

An DNS answer section looks like:

 <name> <TTL> <class> <type> <record data>

Finding the reason for the different TTL values is probably your homework assignment.

Hint:

  1. Investigate what a TTL is supposed to mean for DNS records and caching them.

  2. You should learn why my example with a second query showing a higher, rather than a lower TTL value in the second response from caching/recursive nameserver is a-typical.

  3. What can you infer from the fact that a TTL value increases between subsequent queries?

Answer 3: With big public resolver like Google's 8.8.8.8 your subsequent queries won't be answered by a single server, but each query will most likely be answered by a different, random server from much larger cluster/pool.

Bob
  • 5,805
  • 7
  • 25
2

Why would you think that the records should change? An A-record should be static if nothing in the underlying infrastructure changes which would mandate an record update. www.wikipedia.org is on the other hand a CNAME for dyna.wikipedia.org, which would imply that the site is behind a CDN (Content Distribution Network) of some sort, which means that you'd always get an answer pointing to the server "closest" to you, using some technology and some definition of "closest". This might change from time to time if you query it multiple times.

Stuggi
  • 3,506
  • 4
  • 19
  • 36
  • I also didn't expect anything to change. This is one of my assignments and was confused as to why they were asking such a question, because as you said the results would not change. My confusion as further exacerbated by the fact that the question then goes on to ask why the change had occurred. Considering all of this, I thought it best to ask about the issue here. – Danny Boy Nov 23 '20 at 13:01
  • Your expectations cloud your observations. The record data is not what you should be watching... – Bob Nov 23 '20 at 14:39
0

I do not understand the question to be honest. The DNS records for domain do not change as a result of a DNS query. The A-records are simply a link between a name (FQDN) and IP address. This is changed if and when needed, by the owner of the domain, such as if the service (e.g. website) is being assigned a new IP, the A-record is then needed to be updated to point to the new IP.

Mikael Dyreborg Hansen
  • 559
  • 1
  • 5
  • 16