Introduction
DNS (domain name system) stores information related to domain names as a distributed database. The client-server service translates domain names to IP addresses and vice versa.
Most other network services, such as Web, emails, and file transfer, use DNS. A misconfigured DNS server can lead to critical connectivity issues. Thankfully, troubleshooting DNS issues is a vital and relatively simple process to follow.
Follow this tutorial to learn the practical steps in troubleshooting DNS issues.
Prerequisites
- A stable internet connection.
- Access to the command line/terminal.
- A user account with administrator/sudo privileges.
Note: Follow our tutorial to set up a DNS nameserver on Ubuntu.
DNS Troubleshooting
DNS troubleshooting follows logical steps from basic network troubleshooting to more in-depth analysis. Network services often report DNS issues for reasons that do not require in-depth DNS troubleshooting.
If you are experiencing DNS issues, start by performing the following steps before going on to in-depth troubleshooting:
- Check cables
If using a wired connection, make sure everything is connected properly. On wireless networks, check if WiFi is turned on and connected. Check the router if all cables are functional. Try to switch ports for ethernet cables and test out the connection.
- Restart router
Turn the router off and wait for at least two minutes before turning it on again. Wait until the router fully boots up before rechecking the connection.
- Scan for malware
Viruses sometimes block an internet connection. Run a scan to see if anything suspicious appears and handle accordingly.
- Check the website
If the problems arise when connecting to a particular website or a part of the website, check if the connection problem is with the website itself. One way to do this is using the ping command.
The command output helps identify the reason for the connection problem:
1. If ping
does not show a response, the issue is most likely on the server's end.
2. A common cause of an error in the response is a poorly configured DNS server or firewall restrictions. Learn how to resolve the "Temporary failure in name resolution" error.
3. If the output shows a response, the problem is most likely with the DNS.
The comprehensive list below provides valuable tips for troubleshooting DNS issues.
Check TCP/IP Settings
Misconfigured DNS server addresses are a common issue. Reset the settings and check if communication is back to normal. Depending on which OS you're using, the steps are different.
For Windows:
1. Search for Network Status in the Start menu and open the tool.
2. Select Properties under the network connection details.
3. Click the Edit button to change the IP settings.
4. If the IP assignment is Manual, double-check the IP, Preferred, and Alternate DNS addresses. Change IP assignment by selecting Automatic (DHCP) from the dropdown menu to reset back to normal.
5. Save the settings when finished.
For Linux:
1. Click the connection icon in the top-right corner.
2. Open the menu and select Wired Settings.
3. Click the gear icon in the connection pane to open the settings.
4. Navigate to the IPv4 tab in the settings menu.
5. If manually assigned, double-check the Address and DNS IP address list. Select the Automatic (DHCP) option and change the DNS switch to Automatic to reset back to normal.
Apply the settings when finished and close the window. Lastly, check the connection to ensure everything functions correctly.
Note: Learn how to install and use PowerDNS on Ubuntu, an open-source DNS server solution that helps resolve namespaces.
Flush the DNS Cache
IP mapping to popular websites is often the target of malicious attacks. DNS caches information to improve loading speed, and it might have cached a wrong address. Clearing the DNS cache deletes all the lookup information and updates with subsequent requests.
Flushing DNS cache is a good security measure to take in general. Follow our tutorial for detailed and OS-specific instructions: How to Flush DNS Cache in macOS, Windows, & Linux.
Release and Renew DHCP Server IP
Releasing and renewing the IP address helps resolve an IP conflict and old DNS information by refreshing the cached information. The easiest way to accomplish a release and renewal is through the command prompt/terminal.
Warning: Resetting the IP disconnects the computer from the internet.
To renew the IP on Windows using the command prompt:
1. Run the following commands to release the current IP and renew the information:
IPCONFIG /RELEASE
IPCONFIG /RENEW
2. Check the new information with:
IPCONFIG /ALL
To force IP renewal on Linux via the terminal:
1. Open the terminal and release the current IP with the following command:
sudo dhclient -r
The terminal outputs a confirmation message, and the connection is closed.
2. Run dhclient
without any options to renew the IP:
sudo dhclient
Change to Public DNS Servers
Change the DNS servers to public domain addresses. Some standard options are:
- Google's
8.8.8.8
address as primary and8.8.4.4
as secondary. - Cloudflare's
1.1.1.1
address as primary and1.0.0.1
as secondary.
Public domain addresses are generally reliable and are available for free. However, use this only as a temporary resolution.
On the other hand, some public domain DNS servers block traffic from malicious websites. A public DNS might detect a flagged website as suspicious, and the public DNS you're using might be blocking access.
Use dig
The dig command (domain information groper) provides DNS information and helps in diagnosing issues. The utility's raw output makes it the preferred method for troubleshooting DNS issues.
The program is available on macOS and Linux by default and is free to install on Windows.
To get dig information for a domain, run the following command in the terminal:
dig <domain name or IP>
Note: Using an IP address performs a reverse DNS lookup.
For example, to show the information for phoenixnap.com
, run:
dig phoenixnap.com
- The
status
shows whether a query was successful. - The
ANSWER SECTION
shows a response to a request sent in theQUESTION SECTION
. - The
SERVER
displays the address for the public DNS server.
By default, dig looks up the A record for a domain and shows which IP address the domain points to when resolving the name.
The dig tool offers many advanced options for comprehensive searches. For example, add the +trace
tag to see the full path to the destination:
dig phoenixnap.com +trace
The +trace
option helps pinpoint traffic drops in the route to the destination.
To check the delegated name servers, use the ns
option:
dig phoenixnap.com ns
Use the ns
option to help identify and troubleshoot delegation problems.
Use nslookup
The nslookup command provides functions for checking different DNS records and servers. The tool is available on macOS, Linux, and Windows operating systems by default, and it was the first tool for querying DNS.
To get nslookup information for a domain, use the following command in the command line/terminal:
nslookup <domain name or IP>
For example, run nslookup
for phoenixnap.com
:
nslookup phoenixnap.com
The output prints the DNS server's address and the A record response. The nslookup
command is preferable for Windows because of its availability.
Note: Learn how to improve website performance significantly by reducing DNS lookups.
Use host
The host utility is a straightforward program for performing a DNS lookup. The command is available for macOS and Linux systems.
The basic syntax for host is:
host <domain name or IP>
For example:
host phoenixnap.com
The host
command is excellent for quickly checking if a domain name exists and resolves to an address. A typical use case for host
is in bash scripts.
Use additional options to display more information. For example, add the -a
tag to see a similar output to the dig
command:
host -a phoenixnap.com
The output shows additional information in the answer section, such as the NS, SOA, MX, and other available records.
Use traceroute or tracert
The traceroute and tracert tools help trace a route from source to destination. When troubleshooting DNS issues, the commands help identify where packets stopped on the network. The traceroute
command is available on macOS and Linux, while the Windows equivalent is tracert
.
Note: Install the traceroute tool using the apt package manager:
sudo apt install traceroute
As a readily available and simpler alternative, use tracepath.
To map the network, run the following command in the terminal:
traceroute <domain name or IP>
If using a Windows machine, run:
tracert <domain name or IP>
For more information on the traceroute
/tracert
command and how to read the output, check our comprehensive tutorial on How to Run a Traceroute on Linux, Windows & macOS.
Contact Your ISP
If the computer uses the ISP's DNS, you cannot resolve the issues on your end. Contacting the ISP helps determine the problem and pinpoint the difficulties on their end.
Conclusion
At the end of this guide, you should have several tools and tricks to help you resolve DNS issues. If you're looking to set up your DNS server at home to speed up your connection, try following our Raspberry Pi tutorial on How to Set Up Raspberry Pi as a DNS Server. Also, check out our guide to learn about one of the common DNS errors "DNS_PROBE_FINISHED_BAD_CONFIG" and how to fix it.