DNSLookup
Back to DNS Lookup
Troubleshooting Guide

DNS Errors & How to Fix Them

Step-by-step solutions for common DNS problems including DNS server not responding, slow lookups, and how to flush your DNS cache.

Jump to issue:
DNS Server Not RespondingHow to Flush DNSSlow DNS LookupNXDOMAINSERVFAILTIMEOUTDNS Lookup FailedREFUSEDEmail BounceSSL Certificate ErrorPropagation Delay
DNS Server Not RespondingConnection Failed

Your computer cannot reach the DNS server to resolve domain names. This prevents all websites from loading.

Common Causes

  • DNS server is down or unreachable
  • Network connectivity issues
  • Firewall blocking DNS (port 53)
  • Incorrect DNS server configured
  • Router or modem issues
  • ISP DNS server problems

Solutions

  • Restart your router and modem (unplug for 30 seconds)
  • Switch to a public DNS server (1.1.1.1 or 8.8.8.8)
  • Check if other devices on the network have the same issue
  • Temporarily disable firewall/antivirus to test
  • Run network troubleshooter (Windows) or renew DHCP lease
  • Try connecting via ethernet instead of WiFi

Commands

Windows (Run as Administrator)
ipconfig /flushdnsFlush DNS cache
ipconfig /releaseRelease IP address
ipconfig /renewRenew IP address
netsh winsock resetReset network stack
macOS (Terminal)
sudo dscacheutil -flushcacheFlush DNS cache
sudo killall -HUP mDNSResponderRestart DNS responder
Helpful tools:
DNS LookupPropagation Check
How to Flush DNSClear DNS Cache

Flushing your DNS cache clears stored DNS records, forcing your computer to fetch fresh records. This fixes many DNS-related issues.

Common Causes

  • Stale DNS records in local cache
  • Website changed IP address but cache has old IP
  • DNS poisoning or incorrect cached records
  • Testing DNS changes you just made
  • Website not loading after DNS migration

Solutions

  • Use the flush DNS command for your operating system (see below)
  • Restart your browser after flushing
  • Clear browser cache as well for complete refresh
  • Restart your computer if issues persist

Commands

Windows (Run as Administrator)
ipconfig /flushdnsFlush DNS cache (run as Admin)
ipconfig /displaydnsView cached DNS entries
macOS (Terminal)
sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponderFlush DNS cache (macOS 11+)
sudo killall -HUP mDNSResponderFlush DNS cache (macOS 10.12-10.14)
Linux (Terminal)
sudo systemd-resolve --flush-cachesFlush DNS (systemd-resolved)
sudo service nscd restartRestart nscd cache
sudo /etc/init.d/dns-clean restartUbuntu DNS clean
Chrome Browser
chrome://net-internals/#dnsVisit this URL, click 'Clear host cache'
Helpful tools:
DNS Lookup
Slow DNS LookupDNS Resolution Taking Too Long

DNS queries are taking longer than normal, causing slow website loading and connection delays.

Common Causes

  • Slow or overloaded DNS server
  • Long CNAME chain requiring multiple lookups
  • Network latency to DNS server
  • DNS server geographically far away
  • ISP DNS server performance issues
  • Too many DNS lookups on page

Solutions

  • Switch to a faster public DNS (Cloudflare 1.1.1.1 is often fastest)
  • Use DNS benchmark tools to find fastest server for your location
  • Reduce CNAME chains in your DNS configuration
  • Enable DNS prefetching in your browser
  • Check for DNS amplification or loops
  • Consider using a CDN with optimized DNS

Popular DNS Servers

Cloudflare
1.1.1.1
Usually fastest
Google
8.8.8.8
Very reliable
Quad9
9.9.9.9
Security focused
OpenDNS
208.67.222.222
Content filtering
Helpful tools:
Propagation CheckBest DNS Servers
NXDOMAINNon-Existent Domain

The domain name does not exist in DNS. This means the domain was never registered, has expired, or NS records are missing.

Common Causes

  • Domain name is misspelled
  • Domain registration has expired
  • Domain was never registered
  • DNS records haven't propagated yet
  • Authoritative name servers are misconfigured
  • NS records removed or pointing to wrong servers

Solutions

  • Double-check the spelling of the domain name
  • Verify the domain is registered using WHOIS lookup
  • Check if the domain registration has expired and renew if needed
  • Wait for DNS propagation if you recently registered the domain
  • Verify NS records at your registrar point to correct name servers
  • Check if domain was suspended by registrar
Helpful tools:
WHOIS LookupDNS Lookup
SERVFAILServer Failure

The DNS server encountered an error while processing the query. The authoritative server may be down or misconfigured.

Common Causes

  • Authoritative DNS server is down or unreachable
  • DNSSEC validation failure
  • DNS server software bug or misconfiguration
  • Network connectivity issues between DNS servers
  • Zone file syntax errors
  • Expired DNSSEC signatures

Solutions

  • Check if the authoritative name servers are online
  • Verify DNSSEC configuration if enabled
  • Check DNS server logs for specific errors
  • Try querying different DNS resolvers to isolate the issue
  • Contact your DNS provider if the issue persists
  • Temporarily disable DNSSEC to test
Helpful tools:
Propagation CheckDNS Lookup
TIMEOUTQuery Timeout

The DNS query timed out before receiving a response. The DNS server may be down, overloaded, or unreachable.

Common Causes

  • DNS server is overloaded or unresponsive
  • Network connectivity issues
  • Firewall blocking DNS traffic (port 53)
  • DNS server IP address has changed
  • Rate limiting by DNS provider
  • Packet loss on network

Solutions

  • Try using a different DNS resolver (1.1.1.1, 8.8.8.8)
  • Check your network connectivity
  • Verify firewall allows UDP/TCP port 53
  • Check if your ISP's DNS is having issues
  • If self-hosting DNS, check server resources and logs
  • Test from a different network to isolate issue
Helpful tools:
Propagation Check
DNS Lookup FailedResolution Error

The DNS lookup could not be completed. This is a general error that can have many causes.

Common Causes

  • No internet connection
  • DNS server not configured
  • All configured DNS servers unreachable
  • Domain does not exist (NXDOMAIN)
  • DNS cache corrupted
  • Network driver issues

Solutions

  • Check your internet connection
  • Verify DNS servers are configured in network settings
  • Flush DNS cache and try again
  • Switch to public DNS servers (1.1.1.1 or 8.8.8.8)
  • Restart network adapter or computer
  • Check if the issue affects all domains or just one

Commands

Windows (Run as Administrator)
ipconfig /flushdnsFlush DNS cache
nslookup example.comTest DNS resolution
ping 1.1.1.1Test network connectivity
Helpful tools:
DNS Lookup
REFUSEDQuery Refused

The DNS server refused to answer the query. This often means you're querying a non-recursive server or are blocked.

Common Causes

  • Server doesn't allow queries from your IP (not recursive)
  • Zone transfer restrictions
  • Query type not supported
  • Rate limiting or blacklisting
  • Access control list (ACL) restrictions

Solutions

  • Use a public recursive DNS resolver
  • Check if you're querying the correct server type
  • Verify you're not being rate-limited
  • Try from a different IP address or network
  • Contact the DNS server administrator if needed
Helpful tools:
DNS Lookup
Email BounceEmail Delivery Failed

Emails are bouncing or being rejected due to DNS configuration issues with MX, SPF, DKIM, or DMARC records.

Common Causes

  • Missing or incorrect MX records
  • SPF record doesn't include sending server
  • DKIM signature verification failing
  • DMARC policy rejecting emails
  • Mail server IP has no PTR record
  • SPF exceeds 10 DNS lookup limit
  • Sending IP is blacklisted

Solutions

  • Verify MX records point to valid, reachable mail servers
  • Update SPF record to include all sending servers
  • Use SPF flattening if exceeding 10 lookup limit
  • Configure DKIM and publish public key in DNS
  • Start with DMARC p=none and monitor before enforcing
  • Set up PTR (reverse DNS) for mail server IPs
  • Check blacklist status and request removal if needed
Helpful tools:
Email CheckDNS Lookup
SSL Certificate ErrorCertificate Issues

SSL certificate issuance or validation fails due to DNS problems, often with CAA records or DNS validation.

Common Causes

  • DNS validation record not found
  • CAA record blocking certificate authority
  • DNS propagation not complete
  • Incorrect DNS validation record value
  • DNSSEC validation interfering

Solutions

  • Add the required TXT record for domain validation
  • Check CAA records allow your certificate authority (or remove CAA)
  • Wait for DNS propagation and retry certificate issuance
  • Verify the validation record value is exactly correct
  • Use HTTP validation as an alternative to DNS
Helpful tools:
SSL CheckDNS Lookup
Propagation DelayChanges Not Taking Effect

DNS changes are not visible or working as expected due to caching and propagation delays.

Common Causes

  • Normal propagation delay (TTL-based caching)
  • Local DNS cache holding old records
  • Browser DNS cache
  • ISP caching DNS longer than TTL
  • Changes made to wrong zone or subdomain

Solutions

  • Wait for the current TTL to expire (check TTL values)
  • Flush local DNS cache (see flush DNS section above)
  • Clear browser cache or use incognito mode
  • Try querying from a different network
  • Use propagation checker to verify global status
  • Verify changes are saved at your DNS provider dashboard
Helpful tools:
Propagation CheckDNS Lookup

Still Having Issues?

Use our diagnostic tools to investigate further, or check the learning center for more in-depth DNS knowledge.

DNS LookupLearning CenterBest DNS Servers