DNS Resolution Error
Network - Domain name could not be resolved
DNS Resolution Errors
What is DNS?
DNS (Domain Name System) translates domain names like example.com into IP addresses like 93.184.216.34. When DNS fails, browsers can't connect to servers.
ERR_NAME_NOT_RESOLVED
This site can't be reached
example.com's server IP address could not be found.Common DNS Errors
| Error | Meaning |
|---|---|
| NXDOMAIN | Domain doesn't exist |
| SERVFAIL | DNS server failed to respond |
| REFUSED | DNS server refused query |
| TIMEOUT | DNS query timed out |
Diagnosing DNS Issues
# Basic DNS lookup
dig example.com
nslookup example.com
# Query specific DNS server
dig @8.8.8.8 example.com
dig @1.1.1.1 example.com
# Get all record types
dig example.com ANY
# Check specific record types
dig example.com A # IPv4 address
dig example.com AAAA # IPv6 address
dig example.com MX # Mail servers
dig example.com NS # Name servers
dig example.com CNAME # Alias
# Trace DNS resolution path
dig +trace example.com
# Check local DNS cache (macOS)
sudo dscacheutil -flushcache
# Check local DNS cache (Windows)
ipconfig /displaydns
ipconfig /flushdnsNXDOMAIN - Domain Not Found
The authoritative DNS server says this domain doesn't exist. Causes:
- Typo in domain: Check spelling carefully
- Domain expired: Renew through registrar
- Nameservers not set: Configure NS records at registrar
- Recently registered: Wait for propagation
# Check if domain is registered
whois example.com | grep -i "expir"
# Check nameservers at registrar level
dig NS example.com @a.gtld-servers.netSERVFAIL - Server Failure
The DNS server encountered an error processing the query. Causes:
- DNSSEC validation failed: Incorrect DNSSEC signatures
- Nameserver misconfigured: Zone file has errors
- Upstream DNS issue: Try a different resolver
# Check DNSSEC status
dig +dnssec example.com
# Try without DNSSEC validation
dig +cd example.com # Check Disabled
# Test with different resolvers
dig @8.8.8.8 example.com
dig @1.1.1.1 example.com
dig @9.9.9.9 example.comDNS Propagation
DNS changes can take up to 48 hours to propagate globally due to caching.
TTL (Time To Live)
Each DNS record has a TTL that tells resolvers how long to cache it. After changing records, wait for the old TTL to expire.
# Check current TTL
dig example.com | grep -E "^example.com"
# Output: example.com. 300 IN A 93.184.216.34
# ^^^ TTL in seconds (5 minutes)
# Before making changes, lower TTL to 60-300 seconds
# Then wait for old TTL to expire before making the changeCommon Fixes
- Flush local cache: Clear your computer's DNS cache
- Try different resolver: Use 8.8.8.8 or 1.1.1.1
- Check registrar settings: Verify NS records are correct
- Verify zone file: Check for syntax errors
- Wait for propagation: Give it 1-48 hours
DNS Providers
| Resolver | IP Address |
|---|---|
| Google Public DNS | 8.8.8.8, 8.8.4.4 |
| Cloudflare DNS | 1.1.1.1, 1.0.0.1 |
| Quad9 | 9.9.9.9 |
| OpenDNS | 208.67.222.222 |