DNS Troubleshooting
Summary
This note is a simple workflow for troubleshooting DNS problems. The goal is to separate name resolution issues from general connectivity problems and to check DNS step by step instead of guessing.
Why this matters
- DNS failures are one of the most common reasons people say “the network is broken”
- many services fail in a way that looks like connectivity trouble when the real issue is only name resolution
- Linux, Windows, cloud, and SOC work all benefit from fast DNS diagnosis
Environment / Scope
| Item | Value |
|---|---|
| Topic | DNS troubleshooting |
| Best use for this note | when names fail but network state is unclear |
| Main focus | resolver config, lookups, DNS server reachability |
| Safe to practise? | yes |
Key concepts
- separate IP connectivity from name resolution
- check whether the host has a DNS server configured
- confirm whether the DNS server is reachable before blaming the application
Steps / Workflow
1. Check whether the host has basic connectivity
ping 8.8.8.8If raw IP connectivity works, the issue may be DNS rather than general routing.
2. Check the configured DNS servers
cat /etc/resolv.confor on modern Linux:
resolvectl status3. Test name resolution directly
nslookup github.comor:
dig github.com4. Test whether the DNS server itself is reachable
ping <dns-server-ip>5. Compare hostname failure vs direct IP success
If an app works by IP but fails by name, that strongly points towards DNS.
Commands / Examples
| Command | Purpose |
|---|---|
cat /etc/resolv.conf | inspect resolver settings |
resolvectl status | inspect DNS config on systems using systemd-resolved |
nslookup github.com | quick DNS resolution test |
dig github.com | more detailed DNS query |
ping <dns-server-ip> | test reachability to the DNS server |
Example compare-by-name vs compare-by-IP
ping 1.1.1.1
nslookup github.com
curl -I https://140.82.121.4
curl -I https://github.comThis kind of sequence helps separate:
- raw IP connectivity
- DNS resolution
- app behavior by direct IP vs by hostname
Verification
| Check | Expected result |
|---|---|
| Resolver config exists | at least one sensible DNS server is configured |
| DNS query works | nslookup or dig returns an answer |
| DNS server reachable | host can reach the configured DNS server |
| App by name works again | confirms DNS path is healthy |
Pitfalls / Troubleshooting
| Problem | Likely cause | What to check |
|---|---|---|
ping 8.8.8.8 works but names fail | DNS-only issue | resolver settings, DNS server, lookup results |
| Names resolve slowly | slow or unhealthy DNS server | query timing, alternative DNS server |
| Some names work, others do not | upstream resolver or record issue | compare multiple domains, check query type |
| DNS config looks correct but app still fails | application-specific issue | app logs, proxy settings, service config |
Key takeaways
- test raw IP first so you can separate routing from name resolution
- check resolver configuration before assuming the DNS server is broken
nslookupanddigare often enough to narrow the issue quickly