DNS errors — what do they mean and how to fix them?
DNS errors are one of the most common causes of problems with website and email availability. When a browser cannot open a page, the culprit is often incorrect DNS configuration or a problem with the resolver. Knowing the most common DNS error codes allows you to quickly diagnose and fix the problem.
Do you want to check your domain's DNS records?
Check DNS recordsHow does DNS name resolution work?
When you type a website address in a browser, the system sends a query to a DNS resolver which translates the domain name into an IP address. The query goes through several stages: local cache, ISP resolver, root servers, TLD servers, and finally authoritative domain name servers. An error at any stage results in a problem accessing the page.
Most common DNS errors
The domain does not exist in the DNS system. The authoritative name server confirmed that there is no record for the requested name.
- Domain has expired or never existed
- Typo in the URL address
- DNS record has been deleted
- Subdomain has no A or CNAME record configured
Check if the domain exists in the registrar panel. Verify if the DNS record for the subdomain is added. Ensure the URL is typed correctly.
The DNS server was unable to process the query due to an internal error. The resolver did not receive a response from the authoritative name servers or a DNSSEC validation error occurred.
- Domain name servers are unavailable
- Incorrect DNSSEC configuration — invalid signature keys
- Problem with DNS propagation after changing name servers
- Overload or failure of the DNS provider
Check the availability of name servers. If you use DNSSEC — verify the correctness of DS keys in the registrar panel. Try using a different DNS resolver (8.8.8.8 or 1.1.1.1).
The DNS server refused to handle the query. This may result from server policy or an attempt to query a server that is not a recursive resolver.
- Server configured as authoritative does not support recursion
- Client IP address is on the server's blacklist
- Firewall blocks port 53 (UDP/TCP)
Change the DNS resolver to a public one (Google 8.8.8.8, Cloudflare 1.1.1.1). Check firewall rules for port 53.
The DNS query did not receive a response within a specified time. The resolver cannot establish a connection with the name servers.
- Name servers are unavailable or overloaded
- Network connection problem
- Firewall blocks DNS traffic (port 53)
- Name servers configured in the panel are not responding
Check if the domain name servers are active. Verify firewall settings. Use dig or nslookup tool for diagnosis.
The domain exists (no NXDOMAIN error), but there is no record of the requested type. For example, a domain has an A record but no MX record — querying for MX will return NOERROR with an empty response.
Add the missing DNS record in the domain management panel. Check if the MX record is configured if you want to receive mail on this domain.
DNS propagation — why don't changes work immediately?
After making changes to DNS records, they are not immediately visible worldwide. DNS resolvers cache responses for the time specified in the record's TTL (Time To Live) field. Typically, propagation takes from a few minutes up to 48 hours.
| TTL | Propagation time | Use |
|---|---|---|
| 300s (5 min) | 5-15 minutes | Before a planned migration — set low TTL in advance |
| 3600s (1h) | 1-4 hours | Standard TTL for most records |
| 86400s (24h) | 24-48 hours | Default TTL at many registrars |
When planning a server migration or changing DNS provider, change TTL to 300 seconds at least 24 hours before migration. After the migration is complete, you can increase TTL back.
DNS diagnostic tools
To diagnose DNS problems, you can use command-line tools available in every operating system.
dig
Linux / macOS
dig example.com A dig example.com MX dig @8.8.8.8 example.com
nslookup
Windows / macOS / Linux
nslookup example.com nslookup -type=MX example.com nslookup example.com 8.8.8.8
Resolve-DnsName
Windows PowerShell
Resolve-DnsName example.com Resolve-DnsName -Type MX example.com