Steps to Troubleshooting DNS Issues

By SolarWinds MSP

23 April, 2019

If a user’s browser window comes up blank with a message that the “server DNS address cannot be found,” this signals a DNS error that needs your instant attention. The inability to access the internet or particular sites can have an immediate negative business impact. DNS troubleshooting can be a headache for managed services providers (MSPs), but it’s crucial that they understand the ins and outs of what DNS is and have a solution in place as needed.

How do you troubleshoot DNS issues when you’re not sure what they are? This article outlines the basic DNS knowledge you need, how to diagnose DNS issues (including identifying what really aren’t DNS issues), and how to resolve basic DNS problems.

Why does a DNS error occur?

DNS errors occur essentially because you’re unable to connect to an IP address, signaling that you may have lost network or internet access. DNS stands for Domain Name System. It is the network of servers that tracks alphanumeric names for every internet-connected device, and every website in the world, and matches them with the correct numerical IP addresses.

In other words, the DNS translates your web domain name into an IP address and vice versa. Without DNS, if you entered “www.google.com” into your browser, the servers would have no idea what that means and would not know where to direct you.

DNS is a hierarchical tree data structure. At the top are root name servers. Network administrators can delegate and subdelegate several layers down. Every DNS zone has an authoritative server which answers queries only with original dynamic data; nonauthoritative servers may have only caches. If a DNS error occurs, you may have to investigate at a few different levels to understand precisely what is causing the problem and how you can quickly get users back online.

Basic troubleshooting for a DNS issue

Web browsers tend to blame any connectivity issues on DNS issues. For example, a physical router plug failure is not a “DNS issue,” but your browser might tell you it is. If a user is complaining about a DNS issue, you may want to go through basic troubleshooting for them first. It could solve many problems before you spend time on a more in-depth network investigation.

Check your cables and connections: If you have wired connections, make sure everything is plugged in properly. If you are on a wireless network, make sure your Wi-Fi is on and you are connected. Make sure your router is plugged in and functional.
Reboot your router: Wait a minute before turning it back on again and wait until the indicator lights stop blinking before trying to connect.
Run a malware scan: In some cases, a virus may be blocking internet access. In this case, you may have bigger issues to deal with before you address IP connectivity.
Check the site: If you are having trouble accessing a particular website (your own or someone else’s), confirm that the problem is with DNS and not the site itself. One way to do this is with a website like DownForEveryoneOrJustMe. Similarly, you can issue the ping command for your web address with the command prompt. If it responds, it means the site is live and you just can’t access it, which suggests that the problem is indeed with your DNS. If the result of the ping is that “request could not find host,” it suggests the website is down, which is not necessarily a DNS problem.

What is the DNS problem?

If basic troubleshooting didn’t solve your problems, it may be time for more in-depth DNS troubleshooting. The following are some common DNS problems that could be causing the blockage:

Check the TCP/IP settings: These settings define how your computer communicates with others. You may have recently changed these settings and tried to input them manually. Go to your computer’s networking or control panel and find “Manage network connections.” Under “Local Area Connections,” “Properties,” find and click on both IPv6 and IPv4 “Properties.” Make sure that each is set to “Obtain an IP address automatically” and “Obtain DNS servers address automatically.”
Flush your DNS cache: The DNS cache is where your computer stores networking information on recent visits and attempts to connect to web domains. The cache can become corrupted with inaccurate information. To flush, or clear, this cache, enter ipconfig /flushdns into the command prompt. The next time you revisit a website, the DNS cache will have to renew the DNS information.
Renew your domain name: Is your web address working but redirecting to a strange website? It’s likely you forgot to renew your domain name. It happens to the best of us—even Google briefly lost “google.com” in 2015 when it forgot to renew. Your best bet is to quickly contact the registrar, as many will wait 20 – 30 days after a domain expires before auctioning it off.

How do I fix a DNS server not responding?

If your Windows DNS server is still not responding, it may be necessary to dig more deeply to understand errors or misconfigurations that could be causing the issues. To do so you may need to utilize nslookup, a tool built into Windows (and commonly used for DNS probes by hackers). Nslookup is integral to various software solutions, including SolarWinds Remote Monitoring and Management, and you can use nslookup DNS troubleshooting commands to determine specific internal or external issues.

Nslookup was one of the original DNS diagnostics. It is available in both interactive and noninteractive modes. For our purposes, it is generally more useful in interactive mode. Most commonly, it can be used to confirm both your IP address and that of the DNS server you are on. To find the IP address of a host, enter the command prompt and type nslookup followed by your domain. This will likely return a local server. To find the authoritative server, set the query type to NS and enter the domain name.

These commands allow you to look up your DNS records. Here are the most common and important kinds of DNS records that could cause DNS issues:

A record: A records are the very basic DNS data that matches a domain with an IP address. To check an A record, use the nslookup command followed by the domain. Then, you can confirm that the domain is going to the right IP address and vice versa. An AAAA record is the same as an A record but for IPv6.
CNAME: CNAME stands for Canonical Name. This record is used to point one domain name at another domain name. (The latter domain name will presumably have an A record that points it toward an IP address.) CNAME records can sometimes cause trouble with emails. In any case, verify that the domains are pointing to the right places. For nslookup, the command is “set type=cname” followed by your domain.
MX: The Mail Exchange (MX) Record directs email from your domain to a host server. If this is incorrect, it could explain why users are having trouble sending email to addresses at your domain. Be sure the MX maps to your domain (A or AAAA record) and not a CNAME record. The command is “set type=mx” followed by your domain.

What are some common causes of DNS issues?

When it comes to network performance, a few common issues may affect user connectivity and lead to DNS errors. For troubleshooting DNS issues, you may want to consider how the following factors could be impacting your clients:

1) Time to live (TTL)

Time to live is the expiration date attached to data in networking. When a caching (recurring) server queries the authoritative name server for any DNS records, the authoritative name server tells the caching server how long those records are good for—which is usually between a few minutes and one day. Until the TTL expires, the caching server will not query the authoritative name server for that same data again but will assume the records are still good.

You can see how this could affect DNS issues. If your DNS records change but your TTL is too high, there will be a delay as the caching server continues to send incorrect records to users until the TTL expires. On the other hand, if the TTL is too low it could overwhelm the authoritative name server with unnecessary queries.

If you are planning on updating DNS records, lower your TTL temporarily before you do so to ensure that users will receive updated data quickly. Servers sometimes don’t recognize a TTL of less than 30 seconds; five minutes (300s) is a typical short TTL.

In general, use short TTLs for records that are updated frequently, and longer TTLs for more steady records. Records that rarely change and should have longer TTLs of a day (86400s) include MX and TXT.

2) DNS latency

Latency refers to the time it takes queries to be transmitted and returned. When users complain of “the internet being slow today,” they are talking about high latency. DNS issues can be a big part of latency.

One major factor affecting your network speeds is simply the distance that data must travel, but you can potentially improve latency by checking on whether your DNS servers have a centralized or decentralized structure. Consider other providers if your DNS servers are all located significantly far from your users.

TTL also plays a role in latency. As mentioned before, keep TTLs high for consistent DNS records to reduce unnecessary queries.

3) DDOS attack

If you’ve thoroughly checked your network and don’t think the problems are on your end, it might be a problem with your ISP’s DNS servers. Give them a call and let them know. If they confirm a problem with their DNS servers, don’t be afraid to be persistent in following up until the problem is solved.

This might be the worst-case scenario, but if a sudden surge of traffic crashes your site, you may be the victim of a distributed denial of service attack. This is essentially a DNS issue in the sense that it overwhelms the servers. Contact your web host immediately and ask for a new IP. Clear your logs and make sure that your new records match the new IP.

DNS issues are just one type of problem that could interrupt your service. Need help with more than DNS troubleshooting? Explore our resources center for other troubleshooting information.