Every once in a while an ISP will have a problem with their DNS server and someone can’t access a website. While troubleshooting the problem I usually get asked “If the first server doesn’t give the answer I wanted why didn’t it move to the next one in the list?” I sigh and then explain that DNS doesn’t work that way.
First – what is DNS? In the simplest of terms, DNS is the mechanism that translates human-readable names (www.google.ca) into the numbers the devices on the internet understand (22.214.171.124). If we didn’t have DNS you would have to enter that ugly number each time you wanted to access the website. It’s a lot easier to remember the name.
Why do you have more than one entry? Backup. The second and possibly third servers in the list are there in case the first can’t be connected to. When I say “can’t be connected to” I mean it’s dead, not there, missing. This is quite different from “didn’t provide an answer” or “provided the wrong answer”. Here’s why.
DNS isn’t a “general consensus” protocol where you ask each server in the list for the same information and then take the “best answer”. That would really slow things down, and who’s to say the “best answer” was the one you wanted anyway? What it does is try to connect to the first server in the list and, if the connection is successful, assume that the answer it gets back is the correct one – even if that information is wrong or empty or nothing returns at all. It stops there and doesn’t try the next one in the list. It has an answer – whether you like it or not – so why would it continue to look? However, if that server doesn’t respond (aka dead, not there, missing) your system will try the next DNS server in the list. It will keep doing this until it makes a connection or reaches the end of the list. End result: you will get an answer, or things will time out and your answer is “no”.
If the first server is dead and it successfully connects to the second server will it always try the first server for every new request? No. Your system will remember which of the servers worked last time and try that one first the next time – right up until you restart – then the process starts over again.
Why would a DNS server allow connections but not give an answer? Usually this is because that server is too busy to respond to your request. Bummer for you, because you “connected” so the “blank” answer counts. Don’t confuse a “blank” answer with a “wrong answer” though. There are a number of reasons why a server might provide you with what it thinks is the right information when it’s not what you were looking for. The most common is that the address is in the middle of changing and the server hasn’t updated its copy (cache) with the new information.
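
The sketch below is an added example, not code from any operating system's resolver: it models the lookup order described above so you can see which server's answer a client ends up trusting. The `StubResolver` class, the server addresses and the records are all constructed for illustration, and the "last working server first, then the rest in list order" retry order is an assumption.

```python
DEAD = object()  # marker for a server that cannot be reached at all

class StubResolver:
    def __init__(self, servers):
        self.servers = list(servers)  # configured order
        self.preferred = 0            # index of the server that worked last

    def resolve(self, name, network):
        """Return (server, answer); (None, None) if no server is reachable."""
        # Assumption: last working server first, then the rest in list order.
        rest = [i for i in range(len(self.servers)) if i != self.preferred]
        for idx in [self.preferred] + rest:
            server = self.servers[idx]
            reply = network.get(server, DEAD)
            if reply is DEAD:
                continue              # unreachable: the only case that fails over
            self.preferred = idx      # remembered until restart (a new object)
            return server, reply.get(name, "")  # any reply ends the search
        return None, None             # end of list: the lookup times out

SERVERS = ["192.0.2.1", "192.0.2.2", "192.0.2.3"]  # constructed (RFC 5737)
NAME = "www.example.com"
FRESH = {NAME: "203.0.113.10"}   # current record (constructed)
STALE = {NAME: "198.51.100.7"}   # outdated cached record (constructed)

def demo():
    a, b, c = SERVERS
    r = StubResolver(SERVERS)
    return [
        r.resolve(NAME, {a: STALE, b: FRESH, c: FRESH}),  # stale answer accepted
        r.resolve(NAME, {a: {}, b: FRESH, c: FRESH}),     # blank answer accepted
        r.resolve(NAME, {a: DEAD, b: FRESH, c: FRESH}),   # dead: fail over to b
        r.resolve(NAME, {a: FRESH, b: STALE, c: FRESH}),  # b stays preferred
        r.resolve(NAME, {a: DEAD, b: DEAD, c: DEAD}),     # nothing reachable
    ]

if __name__ == "__main__":
    for server, answer in demo():
        print(server, repr(answer))
```

The first two lookups show why a reachable first server is never cross-checked against the others, and the fourth shows the client staying on the second server even after the first has recovered.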