Solving DNS Problems, The Definitive Guide

In this post, you will find the guide to troubleshooting DNS issues.

The Domain Name Servers are responsible for giving us a server's physical address when we ask for a domain or sub-domain. When, for example, we type a domain name like mydomain.com into our browser, the browser needs to find out the IP address of the server where that web page resides (an example of an IPv4 address would be 273.46.192.9). At this point, the framework of services responsible for domain resolution comes into play.

Neither the resolution nor the configuration of DNS is a complicated process, but both are complex, and consequently a focus of doubts and problems.

In this post, we help you with the most common doubts and problems related to DNS management.

What are NS or Name Servers?

The Name Servers are responsible for managing the resolution of the so-called Zones or DNS Records.

There are Name Servers of different types in the Internet Network, depending on the hierarchy and function they perform.

  • Root Name Servers. They manage the areas of Root Domain or Top Level Domains. Ex.: “.com”, “.net”, “.au”, “.es”, …
    The Internet Corporation for Assigned Names and Numbers (ICANN), a non-profit organization, runs the Root NameServers.
  • Authority Name Servers. Registries manage Authoritative Name Servers. These entities establish rules and organize the management of the “Top Level Domain” TLDs. For instance, “.com” is handled by Verisign, and “.eu” by EURid. Registry entities manage what we could call property or “Authority” of a domain.
  • Primary Name Servers. The Primary Servers are the ones that have the authority to define and manage the Zones of a specific domain.
  • Recursive DNS Resolver or Recursive Domain Name Servers. This type of NS is organized by communicating with other DNS servers to look up an IP address and return it to the client.
    As Internet users, by default we use the recursive resolver offered by our Internet Service Provider. However, we can change this to other options, for example, 1.1.1.1 from Cloudflare, or 8.8.8.8 from Google.

DNS Zones or Records

A Zone or Registry Record is the unit of information handled by the NS Name Servers. For instance, when we associate a domain mydomain.com to an IP address 273.46.192.9, we define a zone.

The format of the Zones or DNS Records

The appearance of the Zones or Resource Records is as follows:

TYPE     NAME           CONTENT            TTL
A        mydomain.com   172.64.32.132      3600
CNAME    www            mydomain.com       360
MX       m.mydomain.es  mxb.eu.mail.org    900
AAAA     mydomain.es    684D:1111:222:3333 …
TXT      mydomain.es    v=spf1 ~all …

Each record has:

TYPE: It indicates the data format and gives an idea of the intended use. You can check Wikipedia for a complete list of the different DNS record types.

NAME: The domain name is what the user, for example, usually types in the browser. It might be a root domain or a sub-domain, and can be indicated in abbreviated form or even by using aliases and other symbols.

CONTENT: means a destination, IP address, or content pointed at by a domain name.

TTL (time to live): Indicates how long, in seconds, a DNS server keeps that record cached before it updates it.

What is my DNS?

One of the problems with DNS is that you don’t know which Name Server you’re using. But first, we need to be specific about which DNS we mean.

It may be that you do not know what DNS resolves the zones on your computer, or you may be wondering how to configure the DNS zones of your web hosting, mail, etc.

We answer both questions.

What is the DNS of my computer?

We show you the shortest path depending on your operating system:

Find DNS in Windows

  1. Open the control panel.
  2. Select “Network and Internet.”
  3. Select “View Network Status and Tasks.”
  4. Then, click on the connection that you have active.
  5. By clicking on the “Properties” button, select IPv4, and click on “Properties”.
  6. Under the options list, select “Internet Protocol v4”, and open its Properties.
  7. At the bottom of the “General” tab of “Properties”, you will find the DNS option that your computer is using.

NOTE: If you have the “Obtain DNS Servers automatically” option selected, you use the DNS Servers configured on your Internet provider’s router.

Find DNS on Mac OSX

  1. Open the “System Preferences” panel.
  2. Type “DNS” in the panel’s search bar and select “DNS Servers”
  3. In the first column of the window, the DNS you are using appear in order.

What is the DNS of my domain?

If you need to change any Zone or DNS Record, you need to know which is the Primary or Master Name Server associated with your domain.

When we register a domain, our Registrar usually provides us with a pair of Primary or NS servers where we can define the Zones or DNS Records.


The Primary DNS might be changed

Although it might seem strange, you can change the Primary DNS of your domain. It could happen that, when switching to a new web hosting, your new hosting provider asks you to set the Primary DNS and Secondary DNS shown in your new management panel.

It could also happen that, at some stage, you transferred the management of your domain from one Registrar to another.

Do not open the way to potential problems with DNS. Though it seems logical to transfer the management of the DNS to the hosting service provider, it is not a recommended practice, in our opinion.

Avoid problems and choose a good DNS manager

It is essential that the Zone management is in the hands of an ICANN-certified Registrar and/or an external DNS manager that has a good DNS deployment.

In turn, you must control the credentials to access your management and, in no case, leave them in the hands of a third person or entity.

Whenever possible, choose a Primary DNS provider with an Anycast network.

DNS Anycast is a way of distributing DNS servers, synchronizing an identical copy of your DNS Zone in multiple geographical points. In this way, your visitors obtain faster DNS resolution, since they will ask the server that is closest to their current location.

At Wetopi, we recommend using Cloudflare for its security measures and its Anycast network. You can read more in the post Improve WordPress site speed with Cloudflare.

Going back to the possible problems with the DNS, if your Zone management has changed at some stage over time, you may lose track of it, and it may not be clear who provides those Primary DNS.

If this is the case, consulting the SOA record will clear your doubts immediately.

What is the SOA record?

The SOA “Start Of Authority” record is particular. It is the first record created when we register a domain, and it contains information about who has the authority to define and manage the zones. In other words, it tells you which is the Primary DNS of your domain along with a series of parameters that the DNS network will use in the queries.

Here is an example of SOA record content:

MNAME               RNAME            SERIAL      REFRESH  RETRY  EXPIRE  MINIMUM
bob.cloudflare.com  admin.lorem.com  2013022001  86400    7200   604800  300

The SOA record includes the following details:

  • MNAME: Domain name of the DNS server constituted as the primary server.
  • RNAME: Domain name that indicates the email address of the person responsible.
  • SERIAL: Timestamp. This value is increased with each update, preserved across zone transfers, and may be used as a validation.
  • REFRESH: Time interval before the zone is updated (Refresh).
  • RETRY: Allowed time interval before establishing that an update request has failed (Retry).
  • EXPIRE: Maximum time limit that can elapse before the zone ceases to be “authority”. (Expiration)
  • MINIMUM: Minimum value of the TTL (Time To Live) parameter used for any given exploration of the zone. (minimum lifetime)

What is the Primary Server of my domain?

At this point, we know that the SOA record is the one that gives us that information. Therefore we can find out the Primary Server of a domain with a simple query.

You can use the dig “Domain Internet Groper” command from a terminal window:

 ~ » dig -t soa mydomain.com

;; ANSWER SECTION:
mydomain.es. 299 IN SOA ben.ns.cloudflare.com. dns.cloudflare.com. 2275419164 10000 2400 604800 3600


;; Query time: 37 msec
;; SERVER: 192.168.100.71#53(192.168.100.71)

One alternative to the terminal dig tool is the online zone resolver provided by Google at: https://toolbox.googleapps.com/apps/dig/
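To make the SOA fields usable in a check, the following added example (not part of the original post) parses a dig SOA answer line, decodes RNAME into a mailbox, and confirms that the Primary DNS (MNAME) belongs to a provider you expect. The function names and the list of expected provider domains are assumptions; the sample line is the one shown in the dig output above.

```python
import re
from dataclasses import dataclass

# Constructed sample: the ANSWER line from the dig output shown above.
SAMPLE_ANSWER = ("mydomain.es. 299 IN SOA ben.ns.cloudflare.com. "
                 "dns.cloudflare.com. 2275419164 10000 2400 604800 3600")

@dataclass
class Soa:
    zone: str
    ttl: int
    mname: str        # Primary DNS of the zone
    rname_email: str  # RNAME decoded to a mailbox
    serial: int
    refresh: int
    retry: int
    expire: int
    minimum: int

def rname_to_email(rname: str) -> str:
    """The first unescaped dot in RNAME stands for '@'; '\\.' is a literal dot."""
    parts = re.split(r"(?<!\\)\.", rname.rstrip("."), maxsplit=1)
    if len(parts) != 2:
        raise ValueError(f"RNAME has no domain part: {rname!r}")
    return parts[0].replace("\\.", ".") + "@" + parts[1]

def parse_soa(answer_line: str) -> Soa:
    """Parse 'name ttl IN SOA mname rname serial refresh retry expire minimum'."""
    tok = answer_line.split()
    if len(tok) != 11 or tok[2].upper() != "IN" or tok[3].upper() != "SOA":
        raise ValueError("not a dig SOA answer line")
    return Soa(tok[0].rstrip(".").lower(), int(tok[1]),
               tok[4].rstrip(".").lower(), rname_to_email(tok[5]),
               *map(int, tok[6:11]))

def primary_is_expected(soa: Soa, provider_domains) -> bool:
    """True if MNAME equals, or is a subdomain of, a domain you expect.

    Matching is done on label boundaries, so 'flare.com' does not match
    'ben.ns.cloudflare.com'.
    """
    return any(soa.mname == d or soa.mname.endswith("." + d)
               for d in (p.rstrip(".").lower() for p in provider_domains))

if __name__ == "__main__":
    soa = parse_soa(SAMPLE_ANSWER)
    print(soa.mname, soa.rname_email, soa.serial)
    print(primary_is_expected(soa, ["cloudflare.com"]))
```

Running this periodically against a saved dig answer and alerting when `primary_is_expected` turns false gives an early signal that the zone's authority has moved to a provider you did not choose.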


How to change the DNS of my domain?

It is crucial to clarify whether you are planning to change the DNS Server’s provider, that is, the Primary DNS in charge of managing the zones, or whether you want to change a Zone or DNS Record, for example, to put the IP address of your new web server.

Do not confuse a DNS change with a DNS Zone or Record change

Changing the DNS is changing the Primary, Secondary Name Servers, etc., where we define and manage the zones.
vs
Changing a DNS Zone is changing one of the Information Records managed by our Name Server.

Change DNS or Name Servers

To change the DNS that manages your zones, you must access the control panel of your domain registrar.

Namecheap registrar screen, where we can change the DNS that will manage the zones of our domain.

Change a DNS Zone

To change or register a Zone or DNS Record, you will have to access the management panel of your DNS Servers. Problems appear if, at some stage, we changed the management and no longer remember where the Primary DNS of our domain is hosted. If so, you will need to query the SOA record as described in the previous section.

Cloudflare DNS Records manager example.

DNS record change not working

If you made a change in a Zone and you allowed a reasonable time to pass, let’s say 8 hours, and the DNS record change is not working, the error may be one of these two:

  1. You made a mistake defining the zone. Review and verify that the change is saved correctly.
  2. The change was not carried out in the Primary DNS Server that corresponds to you. To clear up doubts, follow the steps described in the previous section, where we indicate how to query the SOA record.

If it’s not any of these cases, the change is probably just taking a long time. We address this below.

DNS server not responding

If the web browser does not connect to the Internet, Windows shows you the message: “DNS server is not responding”.

These are not problems with the web page or service that we are accessing, but a connectivity or DNS resolution error on our computer.

The steps to follow to correct this error are:

  1. Try a different browser: If it works in another one, you have located the focus of the problem. Solution: restart the browser, reinstall it and update it.
  2. Disable the firewall: If you have the same problem in all browsers, temporarily disable the Windows firewall.
  3. Reboot the router: If the error remains even after disabling the firewall, try a router reboot. Once the router is off, wait half a minute and boot it again.
  4. Change your DNS settings. We recommend trying Cloudflare DNS (1.1.1.1 and 1.0.0.1) or Google DNS (8.8.8.8 and 8.8.4.4). On this same page, we tell you where to find the DNS in Windows to be able to change them.

DNS change takes a long time

For the efficiency of the Zone query process, the Name servers work in a distributed manner, replicating the information throughout the net. Working in a distributed way helps the efficiency and speed of the network, but it creates problems when we want to update the information of these DNS.

Zone resolution goes a long way with many stop-overs where data is cached. As we make queries, the zones remain in memory for a period of time until they expire and are deleted. The TTL defines the time that the information of a zone remains in the cache.

What is the TTL of a DNS

The TTL, or “Time To Live”, is the time, in seconds, that recursive DNS resolvers cache information about a record.

The TTL may be adjusted when creating or modifying zones.

Advantages of a low TTL

Take a low TTL, for example, 30 seconds. It will allow your zones to disappear within a few seconds from the cache memory of the DNS servers distributed across the Internet.

Zone changes in your Primary DNS will take effect within a few seconds.

A TTL of a few seconds will allow us to migrate from one server to another almost instantly.

Disadvantages of a low TTL

It seems ideal to have a TTL of a few seconds set in all the zones and be able to manage changes instantly. But it’s not like that.

A low TTL implies that the Primary server where you define your zones will have to attend to all the resolutions of any user that asks for your domain.

In addition to saturating the Primary DNS Server, the resolution takes much longer.

Below is the path that a web page request would take if the domain zone is not cached:

  1. Browser DNS
  2. Resolver cache of your computer.
  3. DNS Proxy Cache of your router.
  4. Recursive DNS Cache (e.g., if we use Cloudflare, the 1.1.1.1)
  5. Recursive DNS Cache. The recursive DNS asks cascading questions, with a limited number of attempts.
  6. Query DNS Root. The root server will report who is the DNS Authority for the domain.
  7. Consult DNS Authority. It will report which is the SOA record to find out who is the Primary DNS.
  8. Primary DNS. The Primary Names Server, where we manage the zones, will finally respond to the request.

If you use a very low TTL, you will be increasing the load time of your web page by between 200 ms and 400 ms.

The resolution path of a Zone is long when it does not reside in the memory of the DNS.

NOTE: a time to live that is too low, for example, a TTL of 10 seconds, will occasionally not be respected. Some DNS apply a minimum cache permanence of minutes or even hours for better performance.
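The caching behaviour described above gives a simple test for a change that "is not working": a copy cached before the change can have at most (old TTL minus elapsed time) seconds left. The added example below (not from the original post) applies that rule to dig answer lines collected from several resolvers. The resolver answers are constructed sample data, 203.0.113.20 is a documentation address standing in for the new server, and the function names are assumptions.

```python
# Constructed sample: one dig ANSWER line per recursive resolver, collected
# 1800 s after the A record (old TTL 3600) was changed to 203.0.113.20.
SAMPLE_ANSWERS = {
    "1.1.1.1": "mydomain.com. 3600 IN A 203.0.113.20",
    "8.8.8.8": "mydomain.com. 1450 IN A 172.64.32.132",
    "192.168.100.71": "mydomain.com. 86400 IN A 172.64.32.132",
}

def parse_answer(line):
    """Return (ttl_left, record_type, content) from a dig ANSWER line."""
    _name, ttl, _rclass, rtype, content = line.split(None, 4)
    return int(ttl), rtype.upper(), content.strip()

def classify(line, new_content, old_ttl, elapsed):
    """Classify one resolver's answer as updated, cached or investigate."""
    ttl_left, _rtype, content = parse_answer(line)
    if content == new_content:
        return ("updated", 0)
    # A stale copy fetched before the change cannot outlive the old TTL.
    if ttl_left <= old_ttl - elapsed:
        return ("cached", ttl_left)      # normal: just wait ttl_left seconds
    # Otherwise the resolver stretches TTLs (see the NOTE above), or the old
    # value is still being served, i.e. the change is not on the Primary DNS.
    return ("investigate", ttl_left)

def propagation_report(answers, new_content, old_ttl, elapsed):
    """Map each resolver to its (status, seconds_left) pair."""
    return {resolver: classify(line, new_content, old_ttl, elapsed)
            for resolver, line in answers.items()}

def seconds_until_consistent(report):
    """Longest remaining wait, or None if any resolver needs investigating."""
    if any(status == "investigate" for status, _ in report.values()):
        return None
    return max((wait for _, wait in report.values()), default=0)

if __name__ == "__main__":
    rep = propagation_report(SAMPLE_ANSWERS, "203.0.113.20", 3600, 1800)
    for resolver, (status, wait) in rep.items():
        print(f"{resolver:16} {status:12} {wait}")
    print("consistent in:", seconds_until_consistent(rep))
```

An "investigate" result is the cue to re-run the SOA query and confirm that the record was edited on the Primary DNS that actually holds authority for the zone.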

Accelerate DNS propagation

One of the problems with DNS is that, apart from lowering the TTL, there is no successful method to speed up the propagation of changes in DNS Zones or Records.

Below we show some of the options to clean the caches.

Clear DNS cache

There is no method to clear the cache of all items that may contain a DNS record or zone. However, we can act on our browser, computer, and the most relevant public DNS providers.

Note that browsers are increasingly betting on DoH “DNS over HTTPS” technology, so DNS resolutions remain in the browser and not in the computer’s DNS cache.

For this reason, it is essential to know how to clear the DNS cache in web browsers.

Clear Chrome’s DNS cache

  1. Open a Chrome window.
  2. Type in the address bar chrome://net-internals/#dns and press “Enter”.
  3. Click the “Clear Host Cache” button.

Clear Firefox’s DNS cache

  • Open a new Mozilla Firefox window.
  • Type in the address bar about:config and press “Enter”.
  • Look for the network.dnsCacheExpiration entry.
  • Once found, click on it, set its value to 0, and hit “Enter”.
  • Then click on the blue “check” button.

Clear the DNS on the computer

The operating system has its resolver where the cached DNS zones are also stored. Here we show you how to clean them according to the operating system used.

Flush DNS in Windows

To flush the local DNS cache in Windows by Microsoft follow these steps:

  1. Open CMD, the Terminal window (command console).
  2. Run the command: ipconfig /flushdns

Flush DNS on MacOS

To clean the local DNS cache in MacOS we will carry out the following steps:

  1. Open the Terminal app.
  2. Run the following two commands: sudo dscacheutil -flushcache and sudo killall -HUP mDNSResponder

Flush DNS from Public DNS Servers

Although we do not have a way to clear the cache memory of all public DNS providers, we can clear the cache of the most important ones:

Clear the DNS cache of:
