DNS troubleshooting tips

DNS is one of the most important services on any Windows-based network. Without DNS, Active Directory cannot work properly, and many other network functions depend on it as well. Resolving DNS problems as quickly as possible is therefore critical. Fortunately, under normal circumstances the process is relatively easy. In this article, the author lists his 10 favorite DNS troubleshooting techniques.

1: Verify the network connection

When a problem with the DNS service is discovered, the first thing to do is verify the network connection of the DNS server. After all, if the actual problem is simply a network card failure, finding that out first saves a lot of time that would otherwise be spent inspecting the whole server from scratch.

The easiest way to verify the connection is to log in to the DNS server and use the ping command to check connectivity with other machines. You should also try pinging the DNS server from a random machine. Keep in mind that the ping command only works if Internet Control Message Protocol (ICMP) packets are allowed by the firewall configuration.

2: Determine the scope of the problem

Once basic connectivity is confirmed, the next step is to determine the scope of the problem. Is Internet name resolution failing, or is local name resolution failing? The solutions differ considerably depending on the answer. For example, if local name resolution works and Internet name resolution fails, the problem may be on the Internet service provider's DNS server.

3: Confirm whether all users are affected

The next thing to consider is whether all users on the network are affected, or only some of them. If only some users are affected, check which network segment those users are on to see whether they all share the same one. If they do, the problem may be related to a router failure or a Dynamic Host Configuration Protocol (DHCP) configuration error.

4: Check whether load balancing is running on the DNS server

In some cases, heavy demand on a network server leads a company to spread the workload across multiple identical servers, using DNS round robin as the load balancing technique. A typical problem with this technique is that when one of the servers goes down, the DNS server does not know that anything has changed. Therefore, although one of the servers is offline, incoming traffic is still distributed evenly across all servers in the rotation. The result is intermittent connection problems with the load-balanced resource.
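One way to check for this condition, as an added example that is not part of the original article: resolve every A record behind the round-robin name and probe each address directly instead of going through the rotation. The name app.corp.example and port 443 are placeholders.

```powershell
# Added example: the host name and port are placeholders, not values from the article.
param(
    [string]$Name = 'app.corp.example',  # hypothetical round-robin name
    [int]$Port = 443                     # assumed service port behind that name
)

# -DnsOnly keeps LLMNR/NetBIOS out of the picture. Keep only the A records,
# because the answer may also contain CNAME records.
$records = Resolve-DnsName -Name $Name -Type A -DnsOnly -ErrorAction Stop |
    Where-Object { $_.Type -eq 'A' }

# Probe each address directly, bypassing the rotation.
$results = foreach ($r in $records) {
    $probe = @{
        ComputerName     = $r.IPAddress
        Port             = $Port
        InformationLevel = 'Quiet'            # return only $true / $false
        WarningAction    = 'SilentlyContinue'
    }
    [pscustomobject]@{
        Name      = $Name
        IPAddress = $r.IPAddress
        TTL       = $r.TTL
        Reachable = Test-NetConnection @probe
    }
}
$results | Format-Table -AutoSize

# A dead address keeps receiving its share of clients until its record is
# removed and cached answers age out (TTL is in seconds).
$dead = @($results | Where-Object { -not $_.Reachable })
if ($dead.Count -gt 0) {
    $maxTtl = ($results | Measure-Object -Property TTL -Maximum).Maximum
    Write-Warning ("{0} of {1} addresses for {2} do not answer on TCP/{3}: {4}" -f
        $dead.Count, @($results).Count, $Name, $Port, ($dead.IPAddress -join ', '))
    Write-Warning "Clients may keep a cached answer for up to $maxTtl seconds after the record is removed."
}
```

A TCP probe only shows that the port accepts connections, so a server that is up but misbehaving still counts as reachable here.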

5: Check the DNS server forwarder

If you have confirmed that local name resolution is working properly but Internet name resolution is not, the next thing to check is whether the DNS server is using a forwarder. Although many DNS servers use root hints to provide Internet name resolution, some use forwarders that point to the Internet service provider's DNS servers. If there is a problem with the Internet service provider's DNS server, Internet name resolution will fail once the entries in the resolver cache expire. If you confirm that the DNS server is not using a forwarder, you can also try to ping the server to see if it is online. You may need to call the Internet service provider to find out whether there are any DNS issues on their side, and to make sure that the IP address used in the forwarder is still valid.

6: Try pinging a host

If there is a problem with name resolution on the local network, try pinging other servers on the network. First, ping the server by its IP address; this confirms whether the server can still be reached. Next, ping the server by its computer name and by its fully qualified domain name.

If the network IP address can pass the ping test, but the domain name fails, the DNS server should be checked to ensure the existence of the host (A) record. If there is no host (A) record, the DNS server will not be able to resolve the name of the host.

7: Use the NSLookup command

One of the most convenient tools for troubleshooting DNS is the NSLookup command. It can be used from the Windows command prompt. Enter NSLookup followed by the host name you want to test, and Windows returns the name and IP address of the DNS server (although under normal circumstances, the DNS server name is displayed as unknown). It also returns the fully qualified domain name and IP address of the specified host.

The NSLookup command is very useful for two things. First, it lets you verify whether name resolution is working. Second, if name resolution is not working, it helps confirm which server is being used. Keep in mind that NSLookup's results list only the DNS server to which it originally connected. If the name resolution request is forwarded to other DNS servers, those servers are not listed.

8: Try to use an alternate DNS server

Most companies have at least two DNS servers. If there is a problem with the primary DNS server, try using an alternate DNS server. If name resolution works normally after switching DNS servers, you have confirmed that the problem is indeed related to the DNS server and not to some external factor.
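The checks in tips 2, 5 and 8 can be run in one pass, shown here as an added example that is not part of the original article: ask each configured DNS server, and each forwarder when run on the DNS server itself, for one local and one Internet name. Both names are placeholders, and Test-DnsAnswer is a helper defined only for this example.

```powershell
# Added example, not from the original article. Both names are placeholders.
$names = @{
    Local    = 'dc01.corp.example'   # hypothetical internal host with an A record
    Internet = 'www.example.com'     # any public name
}

# Test-DnsAnswer is a helper defined for this example, not a built-in cmdlet.
function Test-DnsAnswer {
    param([string]$Server, [string]$Role, [string]$Scope, [string]$Name)
    $row = [ordered]@{ Server = $Server; Role = $Role; Scope = $Scope; Name = $Name
                       Status = 'OK'; Answer = '' }
    # Ask this one server directly: no hosts file, no LLMNR/NetBIOS fallback.
    $q = @{ Name = $Name; Server = $Server; Type = 'A'; DnsOnly = $true
            NoHostsFile = $true; ErrorAction = 'Stop' }
    try {
        $a = Resolve-DnsName @q | Where-Object { $_.Type -eq 'A' }
        if ($a) { $row.Answer = $a.IPAddress -join ', ' } else { $row.Status = 'No A record' }
    } catch {
        $row.Status = $_.Exception.Message   # timeout, refusal, name does not exist
    }
    [pscustomobject]$row
}

$targets = @(
    # Primary and alternate DNS servers configured on this machine.
    (Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses |
        Select-Object -Unique |
        ForEach-Object { [pscustomobject]@{ Address = $_; Role = 'Configured' } }
    # When run on the DNS server (DnsServer module present), add its forwarders.
    if (Get-Command Get-DnsServerForwarder -ErrorAction SilentlyContinue) {
        (Get-DnsServerForwarder -ErrorAction SilentlyContinue).IPAddress |
            Where-Object { $_ } |
            ForEach-Object { [pscustomobject]@{ Address = "$_"; Role = 'Forwarder' } }
    }
)

$report = foreach ($t in $targets) {
    # ISP forwarders are not expected to resolve internal names, so skip those.
    $scopes = if ($t.Role -eq 'Forwarder') { @('Internet') } else { 'Local', 'Internet' }
    foreach ($scope in $scopes) {
        Test-DnsAnswer -Server $t.Address -Role $t.Role -Scope $scope -Name $names[$scope]
    }
}
$report | Format-Table -AutoSize -Wrap
```

Read the table by row pattern: Local rows OK with Internet rows failing points toward the forwarder or the provider, while one configured server failing and the other answering points at that server.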

9: Scan for viruses

Someone asked me for help about a week ago. There was a problem in their network, and the phenomenon was that whenever they tried to visit a specific website, they were redirected to a malicious site. My earliest suspicion was a DNS poisoning attack, but after finding out that only one computer was affected, this possibility was ruled out.

Finally, I found that the problem was that a virus occupied the TCP/IP protocol stack and intercepted all name resolution requests. Although this problem may initially seem to be a problem with DNS, in reality the virus needs to bear ultimate responsibility.
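A quick triage for the single-machine case described above, as an added example that is not part of the original article: compare what the operating system resolver returns on the affected computer with what a trusted DNS server returns when asked directly. Both parameters are supplied by the person running it.

```powershell
# Added example, not from the original article.
param(
    [Parameter(Mandatory)] [string]$Name,       # the name that is being redirected
    [Parameter(Mandatory)] [string]$DnsServer   # a DNS server you trust, by IP address
)

# Path 1: what applications on this machine get from the OS resolver
# (hosts file, DNS client cache, then the configured DNS servers).
$local = @([System.Net.Dns]::GetHostAddresses($Name) |
    Where-Object { $_.AddressFamily -eq 'InterNetwork' } |
    ForEach-Object { $_.IPAddressToString } | Sort-Object)

# Path 2: the same question sent straight to the trusted server.
$q = @{ Name = $Name; Server = $DnsServer; Type = 'A'; DnsOnly = $true
        NoHostsFile = $true; ErrorAction = 'Stop' }
$direct = @(Resolve-DnsName @q | Where-Object { $_.Type -eq 'A' } |
    ForEach-Object { $_.IPAddress } | Sort-Object)

# Addresses this machine hands to applications that the trusted server never gave.
$onlyLocal = @($local | Where-Object { $_ -notin $direct })

[pscustomobject]@{
    Name          = $Name
    OsResolver    = $local -join ', '
    TrustedServer = $direct -join ', '
    Mismatch      = ($onlyLocal.Count -gt 0)
} | Format-List

if ($onlyLocal.Count -gt 0) {
    Write-Warning "Only this machine returns: $($onlyLocal -join ', ')"

    # Local overrides worth inspecting first: active hosts file entries ...
    $hostsFile = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
    Get-Content $hostsFile | Where-Object { $_ -match '^\s*[^#\s]' }

    # ... and the DNS servers each interface is actually configured to use.
    Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses } |
        Format-Table InterfaceAlias, ServerAddresses -AutoSize
}
```

A mismatch is a lead rather than proof, since names served by round robin or a content delivery network can legitimately return different addresses per query. A match does not clear the machine either, because software that intercepts traffic in the network stack can alter the direct query as well.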

10: Restart the DNS server

I know this measure looks like a cliché, but when all the solutions are unsuccessful, choosing to restart the DNS server is also a way out. In so many years of work experience, I have seen many cases where the name resolution service fails due to unknown reasons, but everything is normal after restarting the DNS server.

Similarly, I have encountered at least two cases where consumer routers stop forwarding DNS requests and other types of traffic are still normal. In one of the cases, restarting the router can solve the problem. In another case, the router must be replaced. According to analysis, the router may have been damaged in the power outage that occurred the day before.
