How to troubleshoot DNS resolution failures

Category: Networking

Short answer

DNS resolution failures prevent devices from translating domain names into IP addresses. Troubleshooting involves isolating whether the fault lies with the client, the DNS server, or the network between them.

Steps

  1. Test with multiple tools: Use nslookup, dig, and ping to determine if the failure is application-specific.

  2. Check local DNS settings: Verify the device is pointing to the correct DNS servers via DHCP or static configuration.

  3. Test direct queries: Query the authoritative DNS server directly to bypass caching issues.

  4. Flush caches: Clear the local DNS cache and restart the DNS resolver service.

  5. Verify network path: Ensure UDP and TCP port 53 are not blocked by firewalls between the client and DNS server.

  6. Inspect records: Confirm the requested record exists and is correctly configured at the registrar or DNS host.
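
The steps above can be combined into one triage pass that compares dig response codes across probes. This is an added example, not part of the original page: the function names and diagnosis labels are hypothetical, and it assumes dig is installed and uses 8.8.8.8 as the comparison resolver.

```shell
#!/bin/sh
# Added example: DNS failure triage built on dig response codes.
# Function names and diagnosis labels are hypothetical, not from any tool.

# Read dig output on stdin; print the header status (NOERROR, NXDOMAIN,
# SERVFAIL, REFUSED, ...) or TIMEOUT when no response header was received.
rcode_of() {
    sed -n 's/.*status: \([A-Z]*\),.*/\1/p' | head -n 1 | grep . || echo TIMEOUT
}

# Run one short dig query and reduce it to its response code.
probe() {
    dig "$@" +time=2 +tries=1 +noall +comments 2>/dev/null | rcode_of
}

# Map four probe results to a likely fault domain.
# Args: system resolver over UDP, over TCP, with DNSSEC checking disabled
# (+cd), and the same name asked of a public resolver.
diagnose() {
    case "$1:$2:$3:$4" in
        NOERROR:*)                 echo "resolver-ok-check-app-or-cache" ;;
        TIMEOUT:TIMEOUT:*:TIMEOUT) echo "no-dns-reachable-check-port-53" ;;
        TIMEOUT:TIMEOUT:*)         echo "local-resolver-unreachable" ;;
        TIMEOUT:*)                 echo "udp-53-blocked-tcp-works" ;;
        SERVFAIL:*:NOERROR:*)      echo "dnssec-validation-failure" ;;
        NXDOMAIN:*:*:NXDOMAIN)     echo "record-missing-or-name-mistyped" ;;
        *:NOERROR)                 echo "local-resolver-fault" ;;
        *)                         echo "inconclusive-run-dig-trace" ;;
    esac
}

# triage NAME [PUBLIC_RESOLVER]: run the four probes and print the verdict.
triage() {
    name=$1
    public=${2:-8.8.8.8}
    udp=$(probe "$name")
    tcp=$(probe "$name" +tcp)
    cd=$(probe "$name" +cd)
    pub=$(probe "@$public" "$name")
    echo "udp=$udp tcp=$tcp cd=$cd public=$pub => $(diagnose "$udp" "$tcp" "$cd" "$pub")"
}

# Usage: . ./dns_triage.sh && triage www.example.com
```

A SERVFAIL that becomes NOERROR only when the query is sent with +cd indicates the resolver is rejecting the answer during DNSSEC validation rather than failing to reach the zone.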

Tips

  • Use dig +trace to follow the full resolution path.
  • Check TTL values to estimate how long stale cached answers can persist.
  • Temporarily switch to a public resolver like 8.8.8.8 to isolate local DNS server problems.

Common issues

  • Mistyped domain names or missing records.
  • DNSSEC validation failures blocking valid responses.
  • Corporate proxies intercepting and breaking DNS queries.