DNS Troubleshooting Guide

Common DNS issues and step-by-step solutions

DNS issues can prevent websites from loading, stop email from working, or cause slow performance. This guide covers the most common DNS problems and how to fix them.

Common DNS Issues

Domain Not Resolving / Website Won't Load

Symptoms

Solutions

  1. Check DNS Records: Verify A or CNAME records exist and point to the correct IP/domain using our DNS checker.
  2. Verify Nameservers: Ensure domain is using correct nameservers and they're configured properly.
  3. Check Propagation: If you recently changed DNS, wait for propagation (24-48 hours for nameserver changes).
  4. Clear DNS Cache: Flush your local DNS cache and try again.
  5. Test Different DNS Servers: Try using public DNS (8.8.8.8 or 1.1.1.1) to rule out ISP DNS issues.

Slow DNS Resolution

Symptoms

Solutions

  1. Use Faster DNS Servers: Switch to public DNS like Cloudflare (1.1.1.1) or Google (8.8.8.8).
  2. Check Nameserver Performance: Your authoritative nameservers may be slow - consider using a fast DNS provider.
  3. Optimise TTL: Balance TTL values - too low causes more queries, too high delays updates.
  4. DNS Caching: Ensure DNS responses are being cached properly at multiple levels.

Email Not Working (MX Record Issues)

Symptoms

Solutions

  1. Check MX Records: Verify MX records exist and point to correct mail servers using DNS lookup.
  2. Verify Priority Values: MX records must have priority values (lower = higher priority).
  3. Check A Records for Mail Servers: Mail server hostnames in MX records must resolve to IP addresses.
  4. SPF/DKIM/DMARC: Ensure email authentication records (TXT records) are configured correctly.
  5. Allow Propagation Time: Wait 24-48 hours after MX record changes for full propagation.

DNS Propagation Delays

Symptoms

Solutions

  1. Check Global Propagation: Use our DNS propagation checker to see status across all regions.
  2. Lower TTL Before Changes: Reduce TTL to 300-600 seconds 24-48 hours before making changes.
  3. Be Patient: Normal propagation takes 15-60 minutes, nameserver changes can take 24-48 hours.
  4. Clear Caches: Flush DNS caches to see changes immediately on your local machine.

DNS Security Issues

Symptoms

Solutions

  1. Enable DNSSEC: Add DNS Security Extensions to prevent DNS spoofing attacks.
  2. Configure SPF Records: Add SPF TXT record to authorize sending mail servers.
  3. Set Up DKIM: Configure DKIM keys for email authentication.
  4. DMARC Policy: Implement DMARC to protect against email spoofing.
  5. CAA Records: Add CAA records to control which CAs can issue SSL certificates.

Diagnostic Commands

Clear DNS Cache

# Windows
ipconfig /flushdns

# macOS
sudo dscacheutil -flushcache

# Linux
sudo systemd-resolve --flush-caches

Test DNS Resolution

# Using nslookup
nslookup example.com

# Using dig
dig example.com
dig example.com MX
dig example.com NS

# Query specific DNS server
dig @8.8.8.8 example.com

Check Nameservers

# Using dig
dig NS example.com

# Using nslookup
nslookup -type=NS example.com

Quick Fix Checklist

Before Troubleshooting

Common Solutions

Need to Check Your DNS?

Use our free DNS propagation checker to diagnose DNS issues across 39+ global locations

Check DNS Now →

Related guides