Description
In some cases, the network is not working due to DNS is down or intermittence. DNS responsible to resolve domain/URL to IP address.
If the DNS unable to resolve, the domain will not reachable.
This article will assist on the DNS troubleshooting.
Solution
Troubleshooting.
There are 3 scenarios for the DNS issue in the network:
1)Fortigate is DNS server.
- PC will use Fortigate interface as DNS server.
2) PC is using local DNS server.
- PC will directly use local DNS server in the network.
3) PC is using public DNS server.
- PC will directly use public DNS such as 8.8.8.8, 1.1.1.1
This troubleshooting will focus on Windows machine.
Open command prompt. And run below command:
In some cases, the network is not working due to DNS is down or intermittence. DNS responsible to resolve domain/URL to IP address.
If the DNS unable to resolve, the domain will not reachable.
This article will assist on the DNS troubleshooting.
Solution
Troubleshooting.
There are 3 scenarios for the DNS issue in the network:
1)Fortigate is DNS server.
- PC will use Fortigate interface as DNS server.
2) PC is using local DNS server.
- PC will directly use local DNS server in the network.
3) PC is using public DNS server.
- PC will directly use public DNS such as 8.8.8.8, 1.1.1.1
This troubleshooting will focus on Windows machine.
Open command prompt. And run below command:
Ping 8.8.8.8
Ping www.google.com
Ping xxx.xxx.xx.xx <----- Any domain which is not working.Ping to 8.8.8.8 is to verify internet connectivity.
-If PC able to ping 8.8.8.8 means internet connectivity is working fine.
Ping to www.google.com is to verify DNS resolution.
-If PC able to ping 8.8.8.8 but not www.google.com, means the DNS is not working.
Basically, Windows(or any machine) will not able to resolve domain on this condition:
- No Preferred/Alternate DNS Server is configured.
- DNS server is not reachable.
- DNS server did not respond to the DNS query.
- DNS server doe not have the DNS record.
Firstly, Lets check on the Windows configuration as below picture.Current adapter is using 8.8.8.8 as Preferred DNS server.8.8.8.8 is a public DNS that will resolve public domain/URL.This public DNS cannot resolve local URL/domain name.
Example.Ping mywebserver.local.myBecause this URL/domain only introduced internally.
Ping syarif-pc
Public DNS like 8.8.8.8 will not have this information.
However, 8.8.8.8 can resolve below address:Ping www.google.comTo check if the DNS is working or not, change the Preferred DNS server on the Windows machine and do domain ping test.
Ping www.amazon.comIf the internal DNS server did not respond to the request, please check on that DNS server.
To have further assistance, contact Fortinet support https://www.fortinet.com/support/contact.html
Conclusion.
DNS resolution is depend on DNS server database.If DNS server able to provide the information, it will give the information to the client.In this scenario is Windows machine.
