DNS Troubleshooting
Common DNS issues and how to diagnose them quickly.
Identify the Scope
When DNS resolution fails, start by identifying the scope of the problem. Is it affecting a single client or the entire network? A single client usually points to a local cache or configuration issue, while widespread failures suggest a problem with the DNS server itself or its upstream forwarders.
Common Causes
- Stale DNS cache on the client machine
- Incorrect DNS server configured in DHCP or static settings
- DNS server service stopped or unresponsive
- Forwarder or root hints misconfigured on the DNS server
- Split-horizon DNS returning the wrong record for the network segment
- Firewall blocking port 53 (UDP/TCP) between client and server
Client-Side Diagnostics
nslookup -type=MX contoso.com 8.8.8.8
ipconfig /flushdns
ipconfig /registerdns
Tip
Always test resolution against the DNS server IP directly (nslookup hostname 10.0.0.1) to rule out client-side configuration issues before investigating the server.
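The scope check and the tip above can be combined into one pass from the affected client. This is an added example, not part of the original page: Test-DnsScope and its parameters are hypothetical names, and server01.contoso.com and 10.0.0.1 are the page's sample values.

```powershell
# Added example. Test-DnsScope is a hypothetical helper, not a built-in cmdlet.
function Test-DnsScope {
    param(
        [Parameter(Mandatory)] [string]   $Name,
        [Parameter(Mandatory)] [string[]] $Server   # DNS servers to query directly
    )

    # DNS servers this client is configured to use (DHCP or static settings).
    $configured = @(Get-DnsClientServerAddress -AddressFamily IPv4 |
        Select-Object -ExpandProperty ServerAddresses | Sort-Object -Unique)

    # What the local resolver cache currently holds for the name, if anything.
    $cached = @(Resolve-DnsName -Name $Name -Type A -CacheOnly -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'A' } | Select-Object -ExpandProperty IPAddress)

    foreach ($s in ($Server + $configured | Sort-Object -Unique)) {
        $answer = @(); $err = $null
        try {
            # -DnsOnly skips LLMNR/NetBIOS, -NoHostsFile skips the hosts file,
            # so the answer comes from the named server and nowhere else.
            $answer = @(Resolve-DnsName -Name $Name -Type A -Server $s -DnsOnly -NoHostsFile -ErrorAction Stop |
                Where-Object { $_.Type -eq 'A' } | Select-Object -ExpandProperty IPAddress)
        } catch {
            $err = $_.Exception.Message
        }

        [pscustomobject]@{
            Server       = $s
            Configured   = $s -in $configured
            # TCP only: a timeout in Error with Tcp53Open = True suggests UDP 53 is filtered.
            Tcp53Open    = Test-NetConnection -ComputerName $s -Port 53 -InformationLevel Quiet -WarningAction SilentlyContinue
            Answer       = ($answer | Sort-Object) -join ','
            # True when the client cache disagrees with the server: stale local cache.
            CacheDiffers = [bool]($cached -and $answer -and (Compare-Object $cached $answer))
            Error        = $err
        }
    }
}

# Reading the table:
#   10.0.0.1 answers but is not Configured -> wrong DNS server in DHCP/static settings
#   CacheDiffers = True                    -> stale client cache (ipconfig /flushdns)
#   Tcp53Open = False and Error set        -> firewall, or the DNS service is down
#   Servers return different Answers       -> split-horizon or forwarder difference
Test-DnsScope -Name 'server01.contoso.com' -Server '10.0.0.1' | Format-Table -AutoSize
```

Running the same call from a second client on another segment shows whether the failure follows the client or the server.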
Server-Side Diagnostics
On Windows servers, review the DNS Server event log for errors. For split-horizon DNS environments, ensure internal and external zones are configured correctly and that the correct server is being queried from each network segment.
Resolve-DnsName -Name "server01.contoso.com" -Type A -Server "10.0.0.1"
Get-DnsServerForwarder | Format-Table -AutoSize
Get-DnsServerZone | Where-Object { $_.ZoneType -eq "Forwarder" }
Warning
Flushing DNS on the server affects all clients. If you suspect a stale record, clear only the specific cached entry using dnscmd /clearcache or Clear-DnsServerCache rather than restarting the service.