Troubleshooting DNS Issues {nslookup, dig, host & More}

Introduction

DNS (domain name system) stores information related to domain names as a distributed database. The client-server service translates domain names to IP addresses and vice versa.

Most other network services, such as Web, emails, and file transfer, use DNS. A misconfigured DNS server can lead to critical connectivity issues. Thankfully, troubleshooting DNS issues is a vital and relatively simple process to follow.

Follow this tutorial to learn the practical steps in troubleshooting DNS issues.

Prerequisites

• A stable internet connection.
• Access to the command line/terminal.
• A user account with administrator/sudo privileges.

DNS Troubleshooting

DNS troubleshooting follows logical steps from basic network troubleshooting to more in-depth analysis. Network services often report DNS issues for reasons that do not require in-depth DNS troubleshooting.

If you are experiencing DNS issues, start by performing the following steps before going on to in-depth troubleshooting:

• Check cables

If using a wired connection, make sure everything is connected properly. On wireless networks, check if WiFi is turned on and connected. Check the router if all cables are functional. Try to switch ports for ethernet cables and test out the connection.

• Restart router

Turn the router off and wait for at least two minutes before turning it on again. Wait until the router fully boots up before rechecking the connection.

• Scan for malware

Viruses sometimes block an internet connection. Run a scan to see if anything suspicious appears and handle accordingly.

• Check the website

If the problems arise when connecting to a particular website or a part of the website, check if the connection problem is with the website itself. One way to do this is using the ping command.

The command output helps identify the reason for the connection problem:

1. If ping does not show a response, the issue is most likely on the server’s end.

2. A common cause of an error in the response is a poorly configured DNS server or firewall restrictions. Learn how to resolve the “Temporary failure in name resolution” error.

3. If the output shows a response, the problem is most likely with the DNS.

The comprehensive list below provides valuable tips for troubleshooting DNS issues.

Check TCP/IP Settings

Misconfigured DNS server addresses are a common issue. Reset the settings and check if communication is back to normal. Depending on which OS you’re using, the steps are different.

For Windows:

1. Search for Network Status in the Start menu and open the tool.

2. Select Properties under the network connection details.

3. Click the Edit button to change the IP settings.

4. If the IP assignment is Manual, double-check the IP, Preferred, and Alternate DNS addresses. Change IP assignment by selecting Automatic (DHCP) from the dropdown menu to reset back to normal.

5. Save the settings when finished.

For Linux:

1. Click the connection icon in the top-right corner.

2. Open the menu and select Wired Settings.

3. Click the gear icon in the connection pane to open the settings.

4. Navigate to the IPv4 tab in the settings menu.

5. If manually assigned, double-check the Address and DNS IP address list. Select the Automatic (DHCP) option and change the DNS switch to Automatic to reset back to normal.

Apply the settings when finished and close the window. Lastly, check the connection to ensure everything functions correctly.

Flush the DNS Cache

IP mapping to popular websites is often the target of malicious attacks. DNS caches information to improve loading speed, and it might have cached a wrong address. Clearing the DNS cache deletes all the lookup information and updates with subsequent requests.

Flushing DNS cache is a good security measure to take in general. Follow our tutorial for detailed and OS-specific instructions: How to Flush DNS Cache in macOS, Windows, & Linux.

Release and Renew DHCP Server IP

Releasing and renewing the IP address helps resolve an IP conflict and old DNS information by refreshing the cached information. The easiest way to accomplish a release and renewal is through the command prompt/terminal.

To renew the IP on Windows using the command prompt:

1. Run the following commands to release the current IP and renew the information:

IPCONFIG /RELEASE
IPCONFIG /RENEW

2. Check the new information with:

IPCONFIG /ALL

To force IP renewal on Linux via the terminal:

1. Open the terminal and release the current IP with the following command:

sudo dhclient -r

The terminal outputs a confirmation message, and the connection is closed.

2. Run dhclient without any options to renew the IP:

sudo dhclient

Change to Public DNS Servers

Change the DNS servers to public domain addresses. Some standard options are:

• Google’s 8.8.8.8 address as primary and 8.8.4.4 as secondary.
• Cloudflare’s 1.1.1.1 address as primary and 1.0.0.1 as secondary.

Public domain addresses are generally reliable and are available for free. However, use this only as a temporary resolution.

On the other hand, some public domain DNS servers block traffic from malicious websites. A public DNS might detect a flagged website as suspicious, and the public DNS you’re using might be blocking access.

Use dig

The dig command (domain information groper) provides DNS information and helps in diagnosing issues. The utility’s raw output makes it the preferred method for troubleshooting DNS issues.

The program is available on macOS and Linux by default and is free to install on Windows.

To get dig information for a domain, run the following command in the terminal:

dig <domain name or IP>

For example, to show the information for phoenixnap.com, run:

dig phoenixnap.com

• The status shows whether a query was successful.
• The ANSWER SECTION shows a response to a request sent in the QUESTION SECTION.
• The SERVER displays the address for the public DNS server.

By default, dig looks up the A record for a domain and shows which IP address the domain points to when resolving the name.

The dig tool offers many advanced options for comprehensive searches. For example, add the +trace tag to see the full path to the destination:

dig phoenixnap.com +trace

The +trace option helps pinpoint traffic drops in the route to the destination.

To check the delegated name servers, use the ns option:

dig phoenixnap.com ns

Use the ns option to help identify and troubleshoot delegation problems.

Use nslookup

The nslookup command provides functions for checking different DNS records and servers. The tool is available on macOS, Linux, and Windows operating systems by default, and it was the first tool for querying DNS.

To get nslookup information for a domain, use the following command in the command line/terminal:

nslookup <domain name or IP>

For example, run nslookup for phoenixnap.com:

nslookup phoenixnap.com

The output prints the DNS server’s address and the A record response. The nslookup command is preferable for Windows because of its availability.

Use host

The host utility is a straightforward program for performing a DNS lookup. The command is available for macOS and Linux systems.

The basic syntax for host is:

host <domain name or IP>

For example:

host phoenixnap.com

The host command is excellent for quickly checking if a domain name exists and resolves to an address. A typical use case for host is in bash scripts.

Use additional options to display more information. For example, add the -a tag to see a similar output to the dig command:

host -a phoenixnap.com

The output shows additional information in the answer section, such as the NS, SOA, MX, and other available records.

Use traceroute or tracert

The traceroute and tracert tools help trace a route from source to destination. When troubleshooting DNS issues, the commands help identify where packets stopped on the network. The traceroute command is available on macOS and Linux, while the Windows equivalent is tracert.

sudo apt install traceroute

To map the network, run the following command in the terminal:

traceroute <domain name or IP>

If using a Windows machine, run:

tracert <domain name or IP>

For more information on the traceroute/tracert command and how to read the output, check our comprehensive tutorial on How to Run a Traceroute on Linux, Windows & macOS.

Contact Your ISP

If the computer uses the ISP’s DNS, you cannot resolve the issues on your end. Contacting the ISP helps determine the problem and pinpoint the difficulties on their end.

Conclusion

At the end of this guide, you should have several tools and tricks to help you resolve DNS issues. If you’re looking to set up your DNS server at home to speed up your connection, try following our Raspberry Pi tutorial on How to Set Up Raspberry Pi as a DNS Server.