Introduction

A "DNS server not responding" error is a timeout problem, not a wrong-answer problem. A client asks a resolver or authoritative server for a record and gets no usable answer back in time. That points to service reachability, firewall rules, or resolver health before it points to record content.

Symptoms

  • Browsers or operating systems report a DNS server not responding error
  • DNS queries time out instead of returning NXDOMAIN or an IP address
  • Some networks fail while others still resolve the same domain
  • Internal domains break while public domains continue working, or the reverse
  • The issue started after firewall, ISP, resolver, or network changes

Common Causes

  • The configured resolver is offline or overloaded
  • Firewall rules block UDP or TCP port 53 traffic
  • The authoritative DNS server is unreachable from parts of the network
  • Resolver software is unhealthy, stale, or rate-limiting queries incorrectly
  • Routing or upstream ISP issues interrupt the DNS path

Step-by-Step Fix

  1. Test the affected domain against multiple public and internal resolvers to identify whether the outage is local to one DNS server.
  2. Verify the configured resolver or DNS appliance is online, reachable, and answering both UDP and TCP queries on port 53.
  3. Check firewall, VPN, and network ACL rules for recent changes that block or inspect DNS traffic too aggressively.
  4. If authoritative DNS is self-hosted, query it directly and confirm it responds from the public internet where expected.
  5. Review resolver logs, cache health, and resource usage for crashes, saturation, or repeated upstream failures.
  6. Temporarily switch clients to a known healthy resolver to confirm the issue is resolver-specific rather than a domain problem.
  7. Restart or repair the failing DNS service only after identifying the blocked path, misconfiguration, or saturation causing the timeout.
  8. Re-test from the affected network segments and confirm queries now return consistent answers quickly.
  9. Keep monitoring in place for query failure rate and DNS service health so the next outage is visible before users report it.
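
Steps 1, 2 and 6 can be scripted. The Python example below is added here and is not part of the original guide: it sends the same query to several resolvers over both UDP and TCP and separates timeouts from real answers such as NXDOMAIN. The resolver list and example.com are assumptions; 192.0.2.53 is a documentation-range placeholder for an internal resolver.

```python
import secrets, socket, struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qtype=1):
    """Encode a one-question DNS query (class IN, recursion desired)."""
    txid = secrets.randbits(16)
    labels = name.rstrip(".").encode("ascii").split(b".")
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return txid, struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!2H", qtype, 1)

def classify(txid, reply):
    """Any well-formed reply, NXDOMAIN included, proves the server is responding."""
    if len(reply) < 12:
        return "malformed"
    rid, flags, _, ancount = struct.unpack("!4H", reply[:8])
    if rid != txid or not flags & 0x8000:      # wrong ID or QR bit clear
        return "malformed"
    if flags & 0x0200:                          # TC bit: answer did not fit in UDP
        return "truncated"
    return f"{RCODES.get(flags & 0xF, 'rcode' + str(flags & 0xF))} answers={ancount}"

def probe(server, name, proto="udp", port=53, timeout=3.0):
    """Return 'timeout', 'unreachable (...)', or the classify() verdict."""
    txid, query = build_query(name)
    try:
        if proto == "udp":
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.connect((server, port))       # connected UDP surfaces ICMP errors
                s.send(query)
                reply = s.recv(4096)
        else:                                   # TCP frames each message with a 2-byte length
            with socket.create_connection((server, port), timeout=timeout) as s, s.makefile("rb") as f:
                s.sendall(struct.pack("!H", len(query)) + query)
                size = int.from_bytes(f.read(2), "big")
                reply = f.read(size)            # early close yields short data -> "malformed"
    except socket.timeout:
        return "timeout"
    except OSError as exc:
        return f"unreachable ({type(exc).__name__})"
    return classify(txid, reply)

if __name__ == "__main__":
    # Assumed resolver list; replace 192.0.2.53 with your internal resolver.
    for server in ("1.1.1.1", "8.8.8.8", "192.0.2.53"):
        for proto in ("udp", "tcp"):
            print(f"{server:<12} {proto}  {probe(server, 'example.com', proto)}")
```

A resolver that times out on UDP but answers on TCP, or the reverse, points at a protocol-specific rule of the kind checked in step 3, while a timeout on every resolver points at the local network path.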