Broken key metaphor for DNS lookup failure
When DNS fails, your internet can look broken even though Wi‑Fi is connected and other apps seem fine. You’ll often see errors like “Server IP address could not be found,” “DNS_PROBE_FINISHED_NXDOMAIN,” or pages that spin forever.

Most of the time, the site isn’t down—your device (or network) can’t translate a domain name into an IP address.

This guide explains the common reasons DNS breaks, then walks through fixes from quickest to deepest.

1. Why DNS failures happen (so the fixes make sense)

DNS is the “phone book” lookup: your browser asks a DNS resolver (often from your ISP, router, or a public DNS service) what IP address matches a domain like example.com.

Failures usually come from one of these patterns:

  • Bad cache: Your device or browser remembers an outdated DNS answer.
  • Resolver problems: The DNS server you’re using is slow, blocked, or temporarily down.
  • Network interception: VPNs, “secure DNS,” parental controls, antivirus web shields, and captive portals can hijack DNS.
  • IPv6/IPv4 mismatch: Your network advertises IPv6, but it’s flaky—DNS resolves, but the connection fails after.
  • Local network issues: Router firmware bugs, DNS relay problems, or misconfigured DHCP settings.

If only one site fails, it can also be a real domain issue (expired domain, wrong DNS records), but most people hit DNS problems across multiple sites.

2. Confirm it’s DNS (quick checks that save time)

Checklist icon for quick DNS verification steps
Before changing settings, confirm you’re actually dealing with name resolution.

  • Try the same site on mobile data (turn off Wi‑Fi). If it works there, your home/work network DNS is suspect.
  • Try a different browser (Chrome/Firefox/Safari). If all fail similarly, it’s probably not a single browser issue.
  • Test a “known good” domain like example.com. If even that fails, it’s likely DNS or connectivity.
  • Check for a captive portal: on public Wi‑Fi, open a non-HTTPS page like http://neverssl.com to trigger the sign-in page.

If you can load sites by IP address but not by name, that’s a classic DNS sign.

3. Do the fast resets (they fix the most common causes)

These are safe and reversible.

  • Toggle airplane mode (or disconnect/reconnect Wi‑Fi). This forces a fresh network session.
  • Restart your device if the problem started “out of nowhere.”
  • Restart your router/modem: unplug for 20–30 seconds, then power back on. (This clears some DNS relay glitches.)
  • Forget and re-join the Wi‑Fi network on your device.

After each change, re-test the same failing site so you know what actually worked.

4. Flush DNS caches (browser + system)

Refresh arrow around database to represent DNS cache flush
DNS caching is useful until it isn’t. Flushing forces your device to ask again.

  • Chrome / Edge: open chrome://net-internals/#dns → “Clear host cache”. Then chrome://net-internals/#sockets → “Flush socket pools”.
  • Firefox: go to about:networking#dns → “Clear DNS Cache”.
  • Windows: open Command Prompt and run ipconfig /flushdns.
  • macOS: DNS flush varies by version; the simplest practical approach is restarting, or toggling Wi‑Fi off/on if you’re unsure.

If the error flips from “not found” to “connect timed out,” that can mean DNS is now resolving but another network layer is failing—still useful information.

5. Switch to a reliable DNS resolver (and avoid conflicts)

If your current resolver is unstable or filtered, switching can immediately help. Common stable options include public resolvers like Cloudflare (1.1.1.1) or Google (8.8.8.8).

  • Change DNS on the device (good for testing without affecting everyone on the network).
  • Or change DNS on the router (best long-term fix if the whole household is affected).

One important gotcha: don’t accidentally create a tug-of-war between settings.

  • If you enable Secure DNS / DNS-over-HTTPS in your browser, it may ignore your device DNS.
  • If you use a VPN, it often forces its own DNS to prevent leaks.
  • If your network uses family filters or work DNS, switching may be blocked or redirected.

If you’re troubleshooting, temporarily turn one of these “DNS override” features off so you can test changes cleanly.

6. Check VPN, antivirus “web shield,” and private DNS features

DNS failures frequently show up right after installing (or updating) a VPN, security suite, ad blocker, or “privacy DNS” app.

  • VPN: disconnect briefly and re-test. If it works without VPN, switch VPN server/region, or look for a “use VPN DNS” toggle.
  • Antivirus web protection: try pausing only the web shield component (not full protection) and re-test.
  • Browser secure DNS: turn it off temporarily, or set it to “with your current service provider,” then test again.

If disabling one feature fixes it, re-enable it and adjust just that product’s DNS settings rather than leaving it off permanently.

7. If it’s only one site: rule out a real domain/DNS outage

If everything works except one domain, the issue may be on the site’s side (or a regional DNS propagation problem).

  • Try the site from another network (mobile data) and from another device.
  • If the domain works elsewhere but not on your network, your resolver may have a stale or filtered record—switching DNS (Section 5) is the best test.
  • If the domain fails everywhere, it may be down or misconfigured. At that point, local fixes won’t help much.

Be cautious with random “DNS test” websites that ask you to install tools or profiles. You rarely need that.

Final thoughts

DNS problems are frustrating because they look like “the internet is down,” but they’re often just a broken lookup path or a stale cache.

If you work through resets, cache flushes, and a clean DNS switch (while avoiding VPN/secure-DNS conflicts), you can usually get web access back quickly—and learn which layer caused it.