Skip to main content
Relaymetry

What is an A record? DNS address records (and A vs CNAME)

An A record maps a hostname to a single 32-bit IPv4 address (RFC 1035 section 3.4.1), and its TTL sets how long resolvers cache that answer. An A record holds an IP, whereas a CNAME holds an alias to another name, which is why the apex of a zone must use an A record and cannot be a CNAME.

Quick answer

An A record maps a hostname to a single 32-bit IPv4 address (RFC 1035 §3.4.1). It is the record a resolver returns when something asks "what IPv4 address does this name point to?" A published A record looks like this:

example.com.   3600   IN   A   203.0.113.10

That line says the name example.com resolves to 203.0.113.10, and resolvers may cache the answer for 3600 seconds. The IPv6 equivalent is the AAAA record; the alias equivalent is the CNAME record. A is one of the core DNS record types.

How to read an A record

Every field in that line has a fixed meaning:

  • example.com. — the owner name the record answers for. The trailing dot marks it as fully qualified.
  • 3600 — the TTL in seconds. It controls how long a resolver may cache this answer before it has to query again.
  • IN — the class. IN (Internet) is the only class you will use in practice.
  • A — the record type. A is type number 1, "a host address" (RFC 1035 §3.2.2).
  • 203.0.113.10 — the RDATA: the 32-bit IPv4 address itself, written in dotted-quad form.

An A record holds exactly one address. To publish more than one address for a name, you publish more than one A record at that name.

Multiple A records and DNS round-robin

You can publish several A records at the same name:

example.com.   300   IN   A   203.0.113.10
example.com.   300   IN   A   203.0.113.11
example.com.   300   IN   A   203.0.113.12

A resolver querying that name receives all three addresses. Most authoritative servers rotate the order of the addresses between responses, so different clients tend to connect to different hosts. This is DNS round-robin, a crude way to spread load across several machines.

Round-robin is not health-aware. DNS has no idea whether 203.0.113.11 is up; it hands the address out on its turn regardless. If one host fails, a share of clients still receive its address and their connections break until you remove the record and the old answer ages out of caches. For real failover you need health-checking at a load balancer, or a DNS provider that withdraws dead targets, rather than plain round-robin.

A record vs CNAME

An A record and a CNAME record answer different questions, and confusing the two is a frequent DNS mistake.

  • An A record holds an IP address. The name is the final answer, so the resolver stops there.
  • A CNAME record holds another name. It says "this name is an alias, go look up that other name instead," and the resolver restarts the query at the canonical name (RFC 1034 §3.6.2).

Use an A record when you have an IP address to point at, such as a server you run or a static address your host assigned you. Use a CNAME when you want one hostname to track another hostname, such as pointing www.example.com at a platform's myapp.hosting.example.net so you never have to touch an IP when the platform moves it.

One hard rule follows from the specification. A CNAME cannot coexist with any other record at the same name: RFC 1034 §3.6.2 states that "if a CNAME RR is present at a node, no other data should be present." A name is therefore either a CNAME or a set of ordinary records, never both.

Why the apex of a zone cannot be a CNAME

The apex (or root) of a zone is the bare domain, example.com with nothing in front of it. The apex always carries an SOA record and NS records, because those are what define the zone and delegate it to its nameservers. Since a CNAME forbids any other data at the same name, and the apex must keep its SOA and NS records, the apex cannot be a CNAME.

That is why you point a bare domain at a host with an A record (and an AAAA record for IPv6), not a CNAME. If your host only gives you a hostname instead of a stable IP, many DNS providers offer a flattening record (often called ALIAS or ANAME) that behaves like a CNAME at the apex but is resolved to A and AAAA records by the provider before the answer is served. What the rest of the internet sees is a normal A record, so the specification is not violated.

How TTL controls caching

The TTL on an A record is a promise about caching, not about the address. A resolver that fetches example.com. 3600 IN A 203.0.113.10 may reuse that answer for up to an hour before it asks again. A short TTL such as 300 means changes propagate within minutes but resolvers query you more often. A long TTL such as 86400 means fewer queries but slower propagation. Before you change an address, lower the TTL ahead of time and wait for the old, longer value to expire from caches, so the cutover is quick when you finally swap the address in.

Frequently asked questions

What is an A record?

An A record is a DNS record that maps a hostname to a single 32-bit IPv4 address (RFC 1035 section 3.4.1). It is what a resolver returns when a client asks which IPv4 address a name points to. A TTL on the record controls how long resolvers may cache the answer.

What is the difference between an A record and a CNAME record?

An A record holds an IP address, so the name is the final answer. A CNAME record holds another name and tells the resolver to look that name up instead. Use an A record when you have an IP address to point at, and a CNAME when you want one hostname to track another hostname.

Can the apex or root domain be a CNAME?

No. RFC 1034 section 3.6.2 says no other data may sit beside a CNAME at the same name, and the apex must always carry its SOA and NS records. So the apex has to use an A record (and an AAAA record for IPv6), or a provider ALIAS/ANAME flattening record that resolves to A and AAAA before it is served.

What are multiple A records at one name for?

Publishing several A records at the same name gives a resolver all of the addresses, and most servers rotate their order between responses. This is DNS round-robin, a crude way to spread load across hosts. It is not health-aware, so a failed host keeps receiving a share of clients until you remove its record.

What is the difference between an A record and an AAAA record?

An A record maps a name to a 32-bit IPv4 address; an AAAA record maps the same kind of name to a 128-bit IPv6 address. A dual-stack host publishes both at the same name so clients can reach it over IPv4 or IPv6.

Other DNS records

References

Browse all guides →