Join Log in
Score:0
Currn Hyde avatar Server

Why does facebook only have 2 IP addresses?

cn flag
Currn Hyde

In the process of setting up DNS for my own website I got curious about looking up a large company's DNS record. I chose facebook.com and used dnschecker.org to view their dns record. Ignoring AAAA records because the majority of people still use IPv4, I only get back 2 addresses: 31.13.71.36 and 157.240.26.35

Maybe I'm missing some technology here but each static IP can only be assigned to a single NIC at any given time. That would mean facebook is handling all IPv4 ingress and egress from their data centers through only two (very fast) machines. There's no way.

What am I missing here?

94
0 + 0
nic
ip
Patrick Mevzek avatar
cn flag
Patrick Mevzek
Go to https://www.whatsmydns.net/#A/facebook.com and see how the reply depends from where you query. This is called Geolocation: the DNS reply depends on the "location" of the source to provide an IP "closer" to the requestor. Note that it is in practive not enough and/or not as simple because where the client is and where its recursive DNS server is are two different things. Also there could have been even only one IP and the same one everywhere: in that case it would have most probably been IP anycast (where a single IP is physically in different places at the same time).
2
Reply
Score:1
user10489 avatar Server
nc flag
user10489

When you query a DNS server, especially for something like an A record, you don't get a complete picture of all of the set up of a site. You only get enough to satisfy your request and connect to the intended target.

It use to be possible to do additional queries and get full listings, but for security reasons, this has been disabled and deprecated for a long time.

Even before security measures reduced the amount of information you could scrape out of DNS, sites were using dynamic dns techniques to implement load balancing. Basically, when your host queries an A record for facebook, it gets one or a few answers out a large list of unknown size. Your system may cache that result, so subsequent queries give the same answer, although the source DNS server can set a timeout on that (the timeout was around 300 seconds when I checked).

So basically, when you query facebook.com, you get a random answer out of a list, and that answer could change (possibly every 300 seconds). Facebook's DNS servers could easily give a completely different answer to each client that queried them, and could even try to detect your network location to tweak the answer to give a server close to you on the network. As mentioned in the other answer, this is exactly the sort of thing that a CDN is designed to do.

0 + 0
Patrick Mevzek avatar
cn flag
Patrick Mevzek
"So basically, when you query facebook.com, you get a random answer out of a list, ". It is most probably not random. The server decides which IP address is "best" to give back to client, and most often it is based on geolocation considerations, or which ISP he is using, hence taking into account BGP level peerings and things like that.
1
Reply
Patrick Mevzek avatar
cn flag
Patrick Mevzek
"It use to be possible to do additional queries and get full listings" If you are thinking there about `AXFR` it was mostly never possible and only a configuration error when it happened. If you think about the fake `ANY` DNS query that everyone thinks mean `ALL` which it does not, this would also absolutely not guarantee to give you back all data but only what was in cache by some recursive nameserver. It is now anyway deprecated, see RFC 8482
0
Reply
user10489 avatar
nc flag
user10489
Random: I did say it could be location based. By random, I mean that the selection is not predictable by the requestor.
0
Reply
user10489 avatar
nc flag
user10489
Yes, at the beginning of internet, you could do a full query of DNS and it was (at least at the start) not considered a configuration error. Thanks for the RFC, I'll consider integrating that into the answer.
0
Reply
Patrick Mevzek avatar
cn flag
Patrick Mevzek
"you could do a full query of DNS and it was (at least at the start) not considered a configuration error. " Not clear, you might be thinking about `AXFR` but this was **far** from being available everywhere. Quite the contrary in fact.
0
Reply
Score:0
Doggins avatar Server
cn flag
Doggins

Because those IPs don't belong to a server, they point to Facebooks CDN 'Content Delivery Network'

Maybe someone else might have some knowledge on their setup but my DNS servers are reporting different IPs to you, so I dare say there are thousands that are dynamically changing all the time.

0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.