NetReady.tools

DNS Health

This page does not query your network from the browser. It provides a fast DNS workflow and what outcomes usually imply.

Rule: Prove DNS is correct before escalating “internet down.”

Quick symptom mapping

IP works, names fail → resolver/suffix/split-DNS/proxy policy
Some names work, others fail → split-DNS mismatch, conditional forwarders, cache issues
Internal works, external fails → egress DNS blocked or forced resolver policy
External works, internal fails → internal DNS down, wrong suffix, VPN/DNS settings
Random/intermittent → multiple resolvers returning different answers, timeouts, MTU/fragment issues

What to collect (minimal)

• Your DNS resolvers (from client config)
• Connection context (LAN/Wi-Fi/VPN, VLAN/SSID)
• 2–3 failing hostnames and expected results
• Whether IP connectivity is otherwise good (gateway + known-good IP)

Standard DNS workflow

Common failure patterns

Wrong DNS suffix/search list: internal short names fail, FQDN works.
Split-DNS mismatch: VPN users resolve different answers than on-site users.
Resolver reachability: DNS server ping blocked is not proof it’s down; validate with query results/timeouts.
Multiple resolvers: one fast + one dead causes intermittent failures due to retry behavior.
Stale cache: flush client cache; validate authoritative records from a known-good host.