You must have heard about DNS many times. You know that the DNS service, which stands for Domain Name System, is a vital service of the internet infrastructure in the network world. It has the task of translating human-readable domain names to machine-readable IP addresses and vice versa. It also identifies the domain names of sites in the Internet space for users to reach their desired sites. But why is DNS used? DNS acts as an internet phone book, and by converting IP to the domain name, it frees users from remembering long strings of numbers to access site content.
Just as the phone book stores different numbers along with their related names and frees us from memorizing the number of friends, DNS stores the string of numbers along with the domain name. Systems in the network use IP addresses to connect to each other to be identifiable and accessible. Also, users choose a domain name for the string of numbers to avoid remembering the string of IP numbers, and by typing the domain name in the browser, DNS converts the domain name to the corresponding IP address to identify and access the site associated with the domain name and presents it to the browser so that browser can display the content of the site corresponding to the IP address to the user.
With its favorable and helpful performance, DNS is sometimes accompanied by problems that prevent it from performing its tasks efficiently. One of the most common DNS problems is receiving a DNS Server Not Responding Error, which we have previously taught how to solve DNS Server Not Responding Error. As you have seen, fortunately, troubleshooting DNS problems is not a complicated process.
A network administrator to work in the network field, in addition to buying a high-speed and high-quality Linux VPS, must be able to solve possible DNS and network problems by familiarizing himself with DNS troubleshooting tools in Linux. Therefore, familiarity with DNS troubleshooting tools is a necessity for network administrators. In this article, we decided to provide helpful training on troubleshooting DNS issues and introduce you to 10 Linux troubleshooting tools to help you troubleshoot DNS issues. Read this article to the end to become an expert in resolving DNS issues.
What factors are causes for DNS functionality issues?
DNS failure leads to website unavailability, network problems, and email delivery problems. Network and DNS service problems have various reasons that you should try different methods to solve network problems and deeply analyze the network and DNS service. Often misconfiguration of DNS and network infrastructure, malware, internet speed drop and blocked internet connection, interference of local network devices such as routers or switches, wired connection problems in case of use, DNS Cache Poisoning, wrong addresses stored in DNS cache, loss of information in your routing table and other system databases such as server, firewall or security software interference, DDoS attacks, Domain Expiry and Registration Issues are common causes of DNS malfunction which we will explain further.
Sometimes, the interference of local network devices causes problems in DNS performance. If you suspect that the DNS problem is related to the router, you can disconnect the router and then reboot the router to check the connection and the problem.
Sometimes, the problem is not in the DNS service, but it originates from the connections of the site itself, which you can use the Ping command to find out the cause of this problem. Failure to receive a response from the Ping command indicates a problem at the server’s end. Incorrect DNS server configuration and firewall restrictions are other reasons for getting an error in the Ping output. But if you get a response in the ping output, the problem is with DNS.
DNS misconfiguration and DNS server problems
Disruption in DNS performance may be caused by problems related to DNS servers, such as software bugs, misconfiguration of DNS settings (typing errors in records or zone file errors), hardware failures, or DDoS attacks that affect the DNS infrastructure and cause the DNS service to become unresponsive, so you should investigate these factors deeply.
DNS information expiration issues
One of the reasons for DNS not responding is the expiration of the registered domain, which makes DNS records unavailable and disrupts DNS performance. With the extension and release of the DHCP Server’s IP, the old information stored in DNS Cache is refreshed.
To renew the IP in Linux, with Root privileges and using the
sudo dhclient -rcommand, release the current IP to close the connection and renew the IP by executing the
Software and virus problems
A problem in the operating system, a problem in the functioning of the DNS client, or a virus cause problems such as blocking the Internet, and by checking these cases, malicious software must be removed from the system or their problems identified and resolved. System scanning is also helpful to identify suspicious items and clean the system from viruses.
DNS Cache Poisoning
Hackers usually attack the IP address of popular sites for their malicious purposes, and by manipulating DNS Cache information, it directs users to malicious websites. Such cyber attacks cause problems in DNS performance. We recommend clearing the search and update information by Clearing the DNS cache, which is also a security measure so that hackers cannot access this information.
You may ask, how can we flush the DNS cache? Don’t worry, we have already provided a helpful article for clear DNS cache to improve your system security.
Misconfiguration of DNS server addresses
One of the causes of problems in the DNS service is the incorrect configuration of the DNS server addresses. To solve this problem, you should check your Linux distribution’s TCP/IP settings and reset and reconfigure it if needed. For this purpose, follow the steps below:
Click the connection icon > select wired settings > click the gear icon in the network page > Navigate to the IPv4 tab > double-check the Address and DNS IP address list > select Automatic (DHCP) option > change the DNS switch to Automatic
Firewall and security software interference with DNS
We all use firewalls and security software to improve system security, and sometimes strict policies to maximize firewall limits block DNS requests, and DNS performance is disrupted. Therefore, checking and changing the restrictions and rules of the firewall and security software solves the DNS problem in some situations.
A list of the most useful tools for troubleshooting DNS issues
Now that you are familiar with the causes of DNS performance problems and the common methods to solve DNS problems, it is time to become more professional in the field of DNS troubleshooting and familiarize yourself with useful Linux tools. There are many tools for DNS troubleshooting in Linux, each of which has a specific purpose and is valuable for different scenarios. In the following, we will introduce 10 of the best Linux tools to help troubleshoot DNS problems and teach you how to use DNS troubleshooting tools.
To solve the problem, one must first identify the cause of the problem and then proceed to solve the problem. To know the cause of the problem, you need to get information about the DNS servers. The nslookup ( name server lookup) is one of the old and very efficient DNS troubleshooting tools.
The nslookup query tool can also be used on Windows in addition to Linux. By using the nslookup command, the user will be able to check the DNS server records by querying the database, as well as get helpful information about the mapping between the domain name and the associated IP address.
The information you get in the output of the nslookup command by querying the DNS records of a domain name is useful in troubleshooting DNS problems. The basic syntax of the nslookup command is as follows:
nslookup <domain name or IP>
Server: my.local.dns.server Address: 10.10.10.10 Non-authoritative answer: Name: www.OperaVPS.com Addresses: 2607:f8b0:4007:808::2004 18.104.22.168
As you can see in the output, the nslookup command has retrieved information from the DNS record of the domain name along with the IP address (IPv4 and IPv6) associated with the domain name. In the output of our example, the displayed information is that our local DNS server is in the local network. This information can be different for you, and it may be the company’s internal router or DNS server instead of a local server. Do not pay attention to the Non-authoritative answer error because it is not a concern and only the recursive DNS resolver that responds.
Also, regarding the IP address, if both IPv4 and IPv6 are active for the connection, both IP addresses are displayed; Otherwise, only IPv4 is provided.
nslookup supports various options to change its behavior and optimize database queries. One of the things you can check and lookup using the nslookup command is the information related to the email server settings. For this purpose, you must enable the interactive mode of the nslookup command by running the following command:
After changing the notification to “>,” type the domain name and run the following command to retrieve the information about the email server settings:
One of the popular tools for DNS troubleshooting is the Host tool, which, by learning how to use this command, users can manage manual DNS resolution efficiently. Since some users consider the nslookup tool to be old and because it is not updated, they are worried about experiencing a bug when using nslookup, so they choose the Host command as a suitable alternative for DNS service troubleshooting.
The information you receive in the output of the Host command will help you ensure that the domain name exists and resolves to an IP address, and as a result, you can lookup a DNS service. The main syntax of the Host command is as follows:
host <domain name or IP>
$ host www.OperaVPS.com
www. OperaVPS.com has address 22.214.171.124 www.google.com has IPv6 address 2607:f8b0:4007:808::2004 The Host command provides a brief and valuable output. You can use the IP address instead of the domain name to lookup the DNS service: $ host 126.96.36.199
The Host command supports various options to provide more information, including the following:
- -a option: Provide additional information about the domain name, such as existing records( NS, SOA, MX) and answer section
- -C option: Query SOA records.
- -t mx option: allow you to query for the MX records
For example, to get more information about the domain and access available records, you should use the following command:
host -a OperaVPS.com
Trying “OperaVPS.com” Trying “OperaVPS.com” ;; ->> HEADER<<- opcode: QUERY, status: NOERROR, id:33045 ;; flags: qr rd ra: QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0 ;;QUESTION SECTION: ; OperaVPS.com. IN ANY ;; ANSWER SECTION: OperaVPS.com. 92 IN A 188.8.131.52 OperaVPS.com. 10722 IN NS ns3.OperaVPS.com. OperaVPS.com. 10722 IN NS ns2.OperaVPS.com. OperaVPS.com. 10722 IN NS ns1.OperaVPS.com. OperaVPS.com. 0 IN SOA ns1.OperaVPS.com. wie.net. 2021110303 10800 3600 604800 3600 OperaVPS.com. 2263 IN MX .outlook.com.
To learn more about the Host command and how to use it with different options, use the
Dig is one of the tools that is used more recently among users because it is a valuable tool for troubleshooting and solving DNS problems by providing useful information to check DNS problems. Today, ask any professional Linux user to introduce a tool to check DNS problems quickly, without hesitation, they will introduce the dig tool. Dig stands for domain internet groper and is available by default in Linux. As its name suggests, it is one of the most popular and efficient commands for diagnosing and resolving DNS problems.
By executing the dig command, you can access more detailed information about different DNS records, such as SOA, A, and MX. The basic syntax of the dig, which is a powerful DNS lookup tool, is as follows:
dig <domain name or IP>
; <<>> DiG 9.10.3-P4-Ubuntu <<>> -t mx www.OperaVPS.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40683 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;www.OperaVPS.com. IN MX ;; AUTHORITY SECTION: OperaVPS.com. 60 IN SOA ns1.OperaVPS.com. dns-admin.OperaVPS.com. 164707171 900 900 1800 60 ;; Query time: 61 msec ;; SERVER: 127.0.1.1#53(127.0.1.1) ;; WHEN: Wed Mar 09 15:54:03 EDT 2023 ;; MSG SIZE rcvd: 63
In the dig command output, the status section informs whether the query is successful or not. To get an answer to the request you sent in the Question section, you should check the Answer section. To get the address for the public DNS server, go to the Server section.
Fortunately, to get more optimal output for checking DNS problems, the dig tool supports advanced options, including:
- +short option: access to the IP address mapping and provide brief output
- @ option: Query a Specific DNS Server (the @ symbol is used after the dig command and before the server you want to query. for example:
dig example.com @DNS_server_IP)
- +trace option: display the route to the destination and observe the traffic drop on the path to the destination
- ns option: Identify and troubleshoot delegation problems
For example, to check the path to the destination, use the following command:
dig <domain name > +trace
To solve problems related to delegated name servers, run the following command:
dig <domain name > ns
[man dig]command will familiarize you more with the dig command.
The stopping of data packets in the network is one of the common problems in the network and causes the malfunction of DNS services, which traceroute tools try to find the stopping place of the data packets by tracking the data packets from the source to the destination in the network or the Internet. traceroute tools track different paths of data packets using the TTL (Time To Live) technique in IP. Repositories of all Linux distributions support the traceroute tool by default. To install the traceroute tool in Linux (Debian-based distributions), run the following command:
sudo apt install traceroute
The basic syntax of the traceroute command for network analysis is as follows:
traceroute <domain name or IP>
The Ping command checks and confirms the initial connection and accessibility from the local host (the device that executes the ping command) to the target domain name or IP address, and in this way, it is helpful in troubleshooting DNS system problems. If the ping is unsuccessful and your local machine cannot connect to a remote system or web server over the network, you will find the cause of the DNS problem and quickly fix your problem. To ensure communication with the domain name by pinging the domain name, run the following command:
ping <domain name or IP> -c 4
If you receive a response in the output that informs about the establishment of the initial connection to the domain name and the active name resolution, If an error is displayed in the output, DNS resolution is broken.
Troubleshooting DNS problems via Terminal is complicated for some users; there are many free online services for this purpose, IntoDNS being one of the most popular.
IntoDNS (intodns.com) is a free-to-use DNS performance analysis tool for a domain. IntoDNS tool provides a detailed report about NS, SOA, TTL, MX, nameservers records, email server IP address, and their validity and domain name problems. The information the IntoDNS command provides guides users in identifying potential DNS configuration problems and inappropriate DNS settings for a domain. As a result, with the help of this powerful tool, users can get a better understanding of their domain’s DNS infrastructure and configuration problems that cause problems in domain performance or access.
IntoDNS (intodns.com) is a free-to-use DNS performance analysis tool for a domain. IntoDNS tool provides a detailed report about NS, SOA, TTL, MX, nameservers records, email server IP address, and their validity and domain name problems. The information the IntoDNS command provides guides users in identifying potential DNS configuration problems and inappropriate DNS settings for a domain. As a result, with this powerful tool’s help, users can get a better understand of their domain’s DNS infrastructure and configuration problems that cause problems in domain performance or access.
To use this tool, search and open the Intodns.com website in the browser and type the domain name you want to check in the search bar of the main page of the intoDNS website, and then click on the “Report” button. Therefore, this tool starts analyzing the DNS settings for your target domain name and provides a complete report of the DNS settings of your target domain.
administrators who are looking for a free online DNS lookup service, mxtoolbox.com is for them. MXToolBox is one of the best DNS lookup and network problem detection tools that provides a set of email-related tools for administrators. Using mxtoolbox.com will give you useful information about the health of your target domain, IP or DNS blacklist, web server, and DNS-related problems, making you more knowledgeable in diagnosing and analyzing different aspects of domain DNS configuration and network problems.
The features of MXToolBox do not end with these items, in addition to these features, the MXToolBox tool provides valuable network features and tools for troubleshooting email server problems, monitoring and ensuring the correct functioning of email, and maintaining the health of the email infrastructure.
DNSSTUFF.com is one of the famous sites with online tools for troubleshooting and various tests related to the network, which has simplified the process of troubleshooting DNS problems to network administrators by providing a set of tools including DNS lookup, email verification, IP address lookup, network monitoring, domain health checks, domain or IP address blacklist check, traceroute, etc.
With this website, you will get a lot of information by typing the domain name. dnsstuff is worth a try with the valuable feature it provides to users to help troubleshoot DNS issues.
Another free online service for troubleshooting DNS problems and DNS lookups is the dnsquery.org website. This popular website provides tools for querying DNS records, checking traceroute, and verifying Ping to help network administrators troubleshoot DNS problems.
Due to various online options for troubleshooting DNS problems, do not trust any service to share your important information and consider your security and privacy when choosing an online service. An ideal service provides more online services related to DNS, e-mail, and network-related tasks; dnsquery.org is one of the best and most reliable free online services.
10. DNS Spy
dnsspy.io is one of the other free services for monitoring, validating, and verifying your DNS configurations. This website lets you get detailed information about connecting nameservers and their response, DNS records, domain name security and DNSSEC, and nameservers’ response time. One of the great features of this online service is that it offers warnings and recommendations for each section to guide the user in solving problems.
Yes, Wireshark is one of the most notable ones that make DNS analysis possible in a GUI platform. nmap also supports GUI versions.
- Clear cache
- switching browser
- Restarting the router or modem
- System update
- Disconnecting additional connections
- Rebooting the device
- Checking DNS configuration
Dig is a more advanced tool than nslookup and provides more detailed output with more information, including the response section, query time, and server flags. Also, dig supports a broader range of DNS record types to cover different DNS troubleshooting scenarios.
What is the best DNS service troubleshooting tool in Linux?
In this article, you learned about many tools for troubleshooting DNS problems and checking DNS records, each of which pursues specific goals. Each of the DNS troubleshooting tools provides useful features and information that you should choose the most appropriate tool based on your goals, but if you are comfortable with the Linux terminal, we recommend the old and popular nslookup tool because by querying the database, it provides a comprehensive report of the DNS records of the domain name and mapping between the IP address and the related domain name, and it is very efficient for solving DNS problems. If you think that nslookup is outdated, you can replace it with dig because it is one of the most used tools for troubleshooting DNS problems and an excellent replacement for nslookup.
Online services also provide important information and help solve DNS problems. If you do not prefer working with the Linux command line, many efficient options are available to help you troubleshoot DNS problems. We hope you have been able to diagnose and solve DNS problems using the provided content and become an expert in this field.
If you have experienced another efficient option not mentioned in this article’s list, we will be happy to share it with us and other users.