DNS Troubleshooting: 9 Common DNS Issues and Their Solutions

Try this guide with our instant dedicated server for as low as 40 Euros

DNS Troubleshooting

The domain name system, or DNS, serves as a distributed database for storing data related to domain names. 

It is a critical component of the global Internet and network connectivity infrastructure. The structure resembles a client-server service, converting domain names into IP addresses and supporting a range of network services, including file transfers, emails, and the Web. 

Diagnosing DNS server configuration errors is crucial since these issues cause serious connectivity problems and disruption in operations.

This tutorial explores DNS troubleshooting using nslookup, dig, and host. Network engineers and sysadmins can successfully handle DNS issues by evaluating server responses, identifying misconfigurations, and querying records. We will demonstrate practical scenarios where you can use the popular utilities to understand connectivity challenges, ensure perfect internet operation, and navigate DNS issues.

Table Of Contents

  1. A Short Overview of DNS Troubleshooting
  2. Exploring DNS Troubleshooting Scenarios
    1. Fix #1: Check TCP/IP Settings
    2. Fix #2: Clear the DNS Cache
    3. Fix #3: Renew and Release the DHCP Server IP
    4. Fix #4: Switch to Public DNS Servers
    5. Fix #5: Use dig for Diagnostics
    6. Fix #6: Use the nslookup Utility
    7. Fix #7: Check DNS Records with the host Utility
    8. Fix #8: Trace the Route with tracert or traceroute
    9. Fix #9: Get in touch with your ISP
  3. Conclusion
  4. FAQs

A Short Overview of DNS Troubleshooting

DNS troubleshooting proceeds logically from basic network troubleshooting to more in-depth investigation. The main challenge in this context is that network services frequently report DNS problems for non-DNS-related reasons that don’t require extensive DNS investigation.

That’s why, before moving on to more in-depth troubleshooting scenarios, we strongly recommend trying these actions:

Cable Check 

If you’re using a wired connection, make sure everything is connected properly. Check each cable to verify the router’s functionality. Try swapping out the ports on your Ethernet connections to test the connection.

Verify that WiFi is turned on and the devices are connected to wireless networks.

Router Restart 

Before turning the router back on, switch it off and give it at least two minutes to rest. This allows the system to release IP addresses and related values. Before verifying the connection once more, let the router finish booting up.

Malware Scan

Viruses and malware often attack DNS configuration because of the huge impact on operations. If you suspect this to be the root cause behind your DNS issues, perform a scan to check for anything unusual and take appropriate action.

Website Check

If you are having trouble connecting to a specific website or a specific page on that website, check whether the issue is with the website itself. One method for doing this is to use the ping command.

ping -c 10

If you ping without getting a response, the server is probably the problem.

Note that firewall restrictions or a DNS server not configured correctly are significant causes of these response errors. Alternatively, the DNS is probably the issue if there is a response in the output.

Prerequisites

Before you apply the fixes we will discuss in the next section, make sure you have the following:

  • A fast internet link
  • A system running a mainstream Linux distro
  • A user account with sudo or administrator privileges

Exploring DNS Troubleshooting Scenarios

Let’s explore some common scenarios where we will use several utilities to discover and fix DNS issues.

Fix #1: Check TCP/IP Settings 

Incorrect DNS server configurations are a frequent problem. You should check the settings and see if the connectivity is restored after resetting the TCP/IP settings. 

Let’s discuss the specific steps of this fix in popular operating systems. 

Windows 

  • Open the application by searching for Network Status in the Start menu.

network status in start menu

  • Under the network connection details, select Properties.

select properties

  • Click Edit to view and modify the IP settings.

IP settings

Verify the IP address, preferred DNS address, and alternate DNS address in the case of manual IP assignment. Choose Automatic (DHCP) from the dropdown option to restore the default IP assignment.

edit ip settings

edit ip setings 2

  • When you’re done, save the settings.

Linux

  • In the upper or lower-right corner, click the connection icon.

wired connection

  • Go to the Wired Settings menu.

wired setings

  • To access the settings, click the gear icon in the connection window.

wired setting access

  • Go to the settings menu and select the IPv4 tab.
  • Verify the Address and DNS IP address list again if the address was manually assigned. Choose the Automatic (DHCP) option to restore the DNS settings to the original state.

Automatic (DHCP) option

When you’re done, close the window and apply the adjustments. Finally, make sure everything is working correctly by checking the connection.

Fix #2: Clear the DNS Cache

A portion of attacks on websites target IP mapping to disrupt name resolutions and prevent users from accessing the content. 

DNS systems cache information to increase loading speed. In some cases, these caches can store an incorrect address. When the DNS cache is cleared, all lookup data is removed and is updated for incoming requests.

Fix #3: Renew and Release the DHCP Server IP

Releasing and renewing the IP address helps resolve an IP conflict and outdated DNS information by refreshing the cached data. You can release and renew IP addresses easily via the command prompt or terminal.

Let’s quickly describe the process for Windows and Linux.

Windows 

You can use the Command Prompt in Windows to renew the IP address. Here are the steps of the process:

  • Run the following command in the Command Prompt to release the current IP address and update relevant data:

> IPCONFIG /RELEASE

> IPCONFIG /RENEW

  • Next, use the following command to verify the updated data:

> IPCONFIG /ALL

Linux 

You can use the terminal to force an IP renewal in most Linux distributions

  • Launch the terminal and run the following command to release the current IP:

# sudo dhclient -r

The command terminates the connection and you can see a confirmation message in the terminal.

  • To renew the IP, run dhclient without any options:

# sudo dhclient

Fix #4: Switch to Public DNS Servers

Update your DNS servers with addresses from public domains. Typical choices include the following:

  • Google’s primary address is 8.8.8.8, while its secondary address is 8.8.4.4.
  • Cloudflare uses 1.0.0.1 as the secondary IP and 1.1.1.1 as the primary.

Public domain addresses can be obtained for free and are usually dependable. But remember, this is just a stopgap solution.

However, some DNS servers for public domains block access to harmful websites. A public DNS may identify a website because multiple users have reported it as suspicious. As a result, public DNS can prevent the damage caused by users visiting malicious websites.

Fix #5: Use dig for Diagnostics

dig stands for domain information groper, a simple utility that helps you in DNS problem diagnosis. The tool is the best option for debugging DNS issues because of its raw output.

The application may be downloaded for free on Windows and is pre-installed on macOS and Linux.

Enter the following command in the terminal to obtain dig information for a domain:

# dig <domain name or IP>

For example, you could perform the following to display the data for redswitches.com:

dig redswitches.com

dig redswitches.com

Here are some important sections of the output:

  • The status indicates the success or failure of a query.
  • Answers to a request made in the QUESTION SECTION are displayed in the ANSWER SECTION.
  • The SERVER shows the public DNS server’s address.

When resolving a name, dig searches for a domain’s A record and displays the IP address the domain points to.

You can carry out sophisticated search operations through the dig tool. For instance, you can use the +trace option to view the complete path to the destination:

# dig redswitches.com +trace

dig redswitches.com +trace

Finding the breaks in traffic from the source (your machine) to the destination is much easier to track through the +trace option.

Use the ns option to view the delegated name servers:

# dig redswitches.com ns

dig redswitches.com ns

Fix #6: Use the nslookup Utility

The nslookup command offers several functions for verifying DNS records and server information. This was the original tool for DNS querying, and it comes pre-installed on Windows, Linux, and macOS.

In the Command Prompt or terminal, type the following command to get nslookup details for a domain:

nslookup <domain name or IP>

nslookup domain name or IP

The output prints the DNS server address and the A record response. The nslookup command is the better option in Windows environments due to its accessibility.

Fix #7: Check DNS Records with the host Utility

The host utility is simple software for checking DNS servers. The command can be accessed on Linux and macOS platforms.

The basic syntax for the host utility is as follows:

# host <domain name or IP>

For instance, the following command gets detailed information about the RedSwitches domain:

# host redswitches.com

host redswitches.com

The result displays further details in the answer part, including the MX, NS, SOA, and other accessible data.

Fix #8: Trace the Route with tracert or traceroute

The traceroute and tracert programs can trace the route from source to destination. This information is important in determining the route of packets. This utility is often the starting point in debugging DNS problems. 

The traceroute command can be used on Linux and macOS, whereas the tracert command is the Windows version with similar capabilities.

Use the following command syntax in the terminal to map the network:

# traceroute <domain name or IP>

On a Windows computer, execute:

> tracert <domain name or IP>

tracert redswitches.com

Fix #9: Get in touch with your ISP

You cannot fix the problems on your end if the machine uses the ISP’s DNS. Contacting the ISP facilitates problem-solving and helps identify any challenges they may face.

Conclusion

DNS troubleshooting is mainly about locating and fixing typical problems that may affect web services and network access. 

Sysadmins and network engineers may handle issues like DNS misconfigurations, cache ingestion, and server unavailability by knowing the fundamentals of DNS resolution and using diagnostic tools like nslookup, dig, and host. 

Organizations may guarantee the dependability and integrity of their DNS infrastructure, reducing downtime and maximizing performance with methodical analysis and focused solutions. By taking a proactive stance while troubleshooting DNS and possessing a thorough comprehension of possible problems and their fixes, companies can ensure uninterrupted internet access and improve client satisfaction.

FAQs

Q. What are some common DNS issues that can occur?

Common DNS issues include misconfigurations, server unavailability, cache poisoning, DNS hijacking, and slow DNS resolution times.

Q. How can I identify DNS issues on my network?

You can identify DNS issues by performing DNS lookups, checking for error messages in DNS logs, using diagnostic tools like nslookup, dig, and host, and monitoring network traffic for DNS-related anomalies.

Q. What are some solutions for DNS misconfigurations?

Solutions for DNS misconfigurations include verifying DNS server settings, ensuring correct DNS record configurations, and updating DNS zone files with accurate information.

Q. How can I troubleshoot slow DNS resolution times?

To troubleshoot slow DNS resolution times, you can check for network congestion, analyze DNS query response times, optimize DNS caching, and consider using faster DNS servers or implementing DNS load balancing.

Q. What should I do if my DNS server becomes unavailable?

If your DNS server becomes unavailable, you can troubleshoot by checking server status and connectivity, restarting DNS services, verifying DNS server configurations, and implementing redundancy and failover mechanisms.

Q. How can I protect my DNS infrastructure from security threats like cache poisoning and DNS hijacking?

To protect your DNS infrastructure from security threats, you can implement DNSSEC (DNS Security Extensions), use firewalls and access controls to restrict access to DNS servers, regularly update DNS server software and patches, and monitor DNS traffic for suspicious activity.

Q. What role do diagnostic tools like nslookup, dig, and host play in DNS troubleshooting?

Diagnostic tools like nslookup, dig, and host are essential for DNS troubleshooting. They allow you to query DNS servers, retrieve DNS records, perform DNS lookups, and analyze DNS responses to identify and resolve DNS issues efficiently.

Q. How can I ensure the reliability and performance of my DNS infrastructure?

To ensure the reliability and performance of your DNS infrastructure, you can implement best practices such as maintaining DNS servers, monitoring DNS performance metrics, conducting regular DNS audits, and staying informed about DNS security vulnerabilities and updates.

Try this guide with our instant dedicated server for as low as 40 Euros