Troubleshoot DNS issues - Step by Step tips to resolve it








Are you trying to troubleshoot DNS issues?

This guide is for you.


DNS problems may stop you from being able to visit Web sites. If you're having problems connecting, it doesn't take much work to see if DNS is the cause, and if it is, to try to fix it. 

If your HOSTS file contains an incorrect or outdated listing, you won't be able to connect.

DNS, or Domain Name System, maps a domain name to an IP address and vice versa. BIND (Berkeley Internet Name Domain) is the most widely used DNS server on UNIX and Linux.

If the DNS server fails, we will not be able to browse the website and it will show a server not found error. 

It is important that we troubleshoot and fix DNS issues as fast as possible to avoid downtime of websites.

Here at Ibmi Media, as part of our Server Management Services, we regularly help our customers troubleshoot DNS issues.


What is a DNS problem? 

If basic troubleshooting didn't solve your problems, it may be time for more in-depth DNS troubleshooting.

The following are some common DNS problems that could be causing the blockage: 

1. Check the TCP/IP settings:

These settings define how your computer communicates with others. You may have recently changed these settings and tried to input them manually.

Go to your computer’s networking or control panel and find “Manage network connections.” Under “Local Area Connections,” “Properties,” find and click on both IPv6 and IPv4 “Properties.” Make sure that each is set to “Obtain an IP address automatically” and “Obtain DNS servers address automatically.” 

2. Flush your DNS cache:

The DNS cache is where your computer stores networking information on recent visits and attempts to connect to web domains. The cache can become corrupted with inaccurate information. To flush, or clear, this cache, enter ipconfig /flushdns into the command prompt. The next time you revisit a website, the DNS cache will have to renew the DNS information. 

3. Renew your domain name:

Is your web address working but redirecting to a strange website? It’s likely you forgot to renew your domain name. It happens to the best of us—even Google briefly lost “google.com” in 2015 when it forgot to renew. Your best bet is to quickly contact the registrar, as many will wait 20 – 30 days after a domain expires before auctioning it off. 


What are some common causes of DNS issues?

When it comes to network performance, a few common issues may affect user connectivity and lead to DNS errors. 

For troubleshooting DNS issues, you may want to consider how the following factors could be impacting your clients: 


1) Time to live (TTL)

Time to live is the expiration date attached to data in networking. When a caching (recursive) server queries the authoritative name server for any DNS records, the authoritative name server tells the caching server how long those records are good for, which is usually between a few minutes and one day. Until the TTL expires, the caching server will not query the authoritative name server for that same data again but will assume the records are still good.

You can see how this could affect DNS issues. If your DNS records change but your TTL is too high, there will be a delay as the caching server continues to send incorrect records to users until the TTL expires. On the other hand, if the TTL is too low it could overwhelm the authoritative name server with unnecessary queries.

If you are planning on updating DNS records, lower your TTL temporarily before you do so to ensure that users will receive updated data quickly. Servers sometimes don’t recognize a TTL of less than 30 seconds; five minutes (300s) is a typical short TTL. 

In general, use short TTLs for records that are updated frequently, and longer TTLs for more steady records. Records that rarely change and should have longer TTLs of a day (86400s) include MX and TXT.
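The TTL guidance above can be checked mechanically. The following is an added example, not part of the original article: it reads `dig +noall +answer` style lines and flags TTLs outside the values quoted above. The sample records, names and addresses are constructed, and the one-day ceiling for non-MX/TXT records is an assumption taken from the "few minutes to one day" range.

```shell
#!/bin/sh
# Added example: audit record TTLs against the guidance in this section
# (30 s floor, 86400 s for MX and TXT, assumed one-day ceiling otherwise).

# Constructed sample in `dig +noall +answer` layout; names/IPs are placeholders.
sample_answers() {
cat <<'EOF'
ourdomain.com.      300    IN  A      192.0.2.10
www.ourdomain.com.  10     IN  A      192.0.2.11
ourdomain.com.      3600   IN  MX     10 mail.ourdomain.com.
ourdomain.com.      86400  IN  TXT    "v=spf1 mx -all"
api.ourdomain.com.  172800 IN  CNAME  ourdomain.com.
EOF
}

# Reads answer lines on stdin, prints "name type ttl verdict" per record.
audit_ttls() {
    awk '
    $3 != "IN" || $2 !~ /^[0-9]+$/ { next }   # skip blanks, comments, headers
    {
        ttl = $2 + 0; type = $4; verdict = "ok"
        if (ttl < 30)
            verdict = "too-low"          # servers may not honour TTLs under 30 s
        else if ((type == "MX" || type == "TXT") && ttl < 86400)
            verdict = "raise-to-86400"   # steady records: one day
        else if (ttl > 86400)
            verdict = "slow-to-update"   # a change takes over a day to reach users
        printf "%s %s %d %s\n", $1, type, ttl, verdict
    }'
}

sample_answers | audit_ttls
```

Against a live zone, pipe `dig +noall +answer +norecurse @<authoritative-ns> ourdomain.com MX` into `audit_ttls`; a caching resolver reports the remaining TTL rather than the configured one, so query the authoritative name server.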


2) DNS latency

Latency refers to the time it takes queries to be transmitted and returned. When users complain of “the internet being slow today,” they are talking about high latency. DNS issues can be a big part of latency.

One major factor affecting your network speeds is simply the distance that data must travel, but you can potentially improve latency by checking on whether your DNS servers have a centralized or decentralized structure. Consider other providers if your DNS servers are all located significantly far from your users.

TTL also plays a role in latency. As mentioned before, keep TTLs high for consistent DNS records to reduce unnecessary queries.


3) DDoS attack

If you’ve thoroughly checked your network and don’t think the problems are on your end, it might be a problem with your ISP’s DNS servers. Give them a call and let them know. If they confirm a problem with their DNS servers, don’t be afraid to be persistent in following up until the problem is solved.

This might be the worst-case scenario, but if a sudden surge of traffic crashes your site, you may be the victim of a distributed denial of service attack. This is essentially a DNS issue in the sense that it overwhelms the servers. Contact your web host immediately and ask for a new IP. Clear your logs and make sure that your new records match the new IP. 


Tips to troubleshoot DNS issues

The following are some of the methods that our Support techs follow for troubleshooting this issue:


1. Checking DNS with utilities

We can use the host and dig utilities to check that the domain resolves properly.

The host tool allows us to check whether the domain is pointing to the correct address.

We can check this with the following command:

$ host ourdomain.com

The "dig" tool performs DNS lookups and displays the answers that are returned from the nameserver(s) that were queried.

We can dig our domain with the following command:

$ dig ourdomain.com

2. Port 53 open and listening for requests

By default, BIND listens for DNS queries on port 53.

We can check whether port 53 is open and listening for requests.

This can be done using the following tools:

a. Using telnet

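We can check whether we are able to connect to port 53 via telnet from a remote computer by using the following command. Note that telnet only tests TCP; most DNS queries use UDP port 53, so this confirms the TCP listener only.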

$ telnet remote_server-ip 53

b. Using netstat

We can use the netstat command to list port 53 on the server itself with the following command:

$ netstat -plan | grep :53

c. Ensure that iptables firewall is not blocking the requests on the server.

We can do this using the following command:

$ iptables -L -n

d. Checking whether the DNS service is running or not.

This can be done using the following commands:

$ /etc/init.d/named status

If named is not running, we can start it using the following command:

$ /etc/init.d/named start

3. Checking the log files

Error messages from named are written to the log file. We can check the log file to find the exact reason for the DNS issue.

The following command can be used to check the logs:

$ tail -f /var/log/messages

4. Check configuration file for errors

Errors in /etc/named.conf can also cause DNS resolution to fail.

We can check for those errors using the named-checkconf command, which is the named (BIND) configuration file syntax checking tool.

$ named-checkconf /etc/named.conf

If named-checkconf does not find any errors, it displays no output on the screen.


5. Check zone file for errors

Zone file syntax errors can be an important cause of DNS failure. The zone file validity checking tool in BIND is “named-checkzone”. It checks the syntax and integrity of a zone file.

We can use the following command to check this.

$ named-checkzone ourdomain.com /var/named/ourdomain.com.db
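
The log check in step 3 and the zone check in step 5 can be tied together. The following is an added example, not part of the original article: it pulls zone load failures out of syslog lines written by named and prints the named-checkzone command to run for each affected zone. The log lines are constructed samples, and the /var/named zone directory is assumed from the path used above.

```shell
#!/bin/sh
# Added example: turn named zone-load failures in the log into
# named-checkzone commands. ZONE_DIR is an assumption (path used in step 5).
ZONE_DIR=${ZONE_DIR:-/var/named}

# Constructed sample of /var/log/messages; hosts, PIDs and zones are made up.
sample_log() {
cat <<'EOF'
Mar  4 10:15:01 ns1 named[2211]: dns_master_load: ourdomain.com.db:12: unknown RR type 'AA'
Mar  4 10:15:01 ns1 named[2211]: zone ourdomain.com/IN: loading from master file ourdomain.com.db failed: unknown class/type
Mar  4 10:15:01 ns1 named[2211]: zone ourdomain.com/IN: not loaded due to errors.
Mar  4 10:15:01 ns1 named[2211]: zone example.net/IN: loaded serial 2024030401
Mar  4 10:15:02 ns1 sshd[880]: Accepted publickey for admin from 192.0.2.7 port 50122 ssh2
Mar  4 10:20:11 ns1 named[2211]: zone shop.example/IN: loading from master file /var/named/shop.example.db failed: file not found
Mar  4 10:25:11 ns1 named[2211]: zone shop.example/IN: loading from master file /var/named/shop.example.db failed: file not found
EOF
}

# Reads log lines on stdin, prints "zone file reason" once per distinct failure.
failed_zones() {
    sed -n 's|.* named\[[0-9]*\]: zone \([^/ ]*\)/IN: loading from master file \([^ ]*\) failed: \(.*\)$|\1 \2 \3|p' |
        sort -u
}

# Prints one named-checkzone command per failed zone.
checkzone_commands() {
    failed_zones | awk -v dir="$ZONE_DIR" '
        !seen[$1]++ {
            # Relative file names are resolved against the zone directory.
            file = ($2 ~ /^\//) ? $2 : dir "/" $2
            printf "named-checkzone %s %s\n", $1, file
        }'
}

sample_log | checkzone_commands
```

On a server, replace `sample_log` with `cat /var/log/messages` and review the printed commands before running them.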





Conclusion

This article covers how to troubleshoot DNS issues. One of the handiest tools for troubleshooting DNS failures is the NSLOOKUP command, which you can access from a Windows Command Prompt window. Simply type NSLOOKUP followed by the name of the host for which you want to test the name resolution.

Basically, DNS errors are caused by problems on the user end, whether that's with a network or internet connection, misconfigured DNS settings, or an outdated browser. They can also be attributed to a temporary server outage that renders the DNS unavailable.


DNS: online name resolution:

The domain name system (DNS) is a directory service used for transforming alphanumeric domain names into numeric IP addresses. 

A decentralized process, name resolution generally takes place on DNS servers’ networks distributed throughout the world. 

Every internet address you enter into your web browser’s address bar is forwarded by your router to a DNS server. This server then resolves the domain name into a numeric sequence and returns the corresponding IP address.

Should the DNS server fail to produce an answer, then it won’t be possible to access the desired website; the result is the error message ‘DNS server not responding’.


To clear your DNS cache:

1. On your keyboard, press Win+X to open the WinX Menu.

2. Right-click Command Prompt and select Run as Administrator.

3. Run the following command: ipconfig /flushdns.


To Troubleshoot DNS issues:

The root of such irritating messages can often be traced back to a server outage. In such cases, the DNS server is temporarily unavailable. Most of the time, these problems can be corrected by changing browsers, switching a few of your firewall settings, or restarting your router.

1. To rule out your web browser as the cause of the connection problem, carry out a test by attempting to log on to the desired web page with alternative applications.

2. In case you aren’t able to achieve your desired results simply by changing browsers, then the next step is to rule out Windows Firewall as the possible culprit.

3. Connection problems can often be solved by restarting the server. Most devices include a power button specifically for this purpose. Should this fail to yield any results, then it looks like a hard reboot may be in store; this is done simply by pulling out the power plug. 

4. If you have ruled out common causes of error such as router software crashes or conflicts with Windows Firewall, then changing your DNS server could be the solution.



How to Check DNS server?

You can find out whether changing DNS server has solved the problem by carrying out a simple test. 

Enter the URL of a well-known site in your browser (e.g. www.google.com). 

If the site can be accessed it means the DNS server is functioning properly.

If the site can't be accessed, you can enter the following IP address into your browser: 172.217.16.195. 

This is one of Google’s IP addresses. If Google doesn't appear after entering the address, it probably means there's a general internet problem rather than a problem with the DNS server.

