Download now

How do you check if DNS is blocked?

· 7 min read

Quick Answer

To check if DNS is blocked, compare the same lookup across different resolvers, devices, or networks and look for timeouts, redirects, or filtered responses.

When a domain stops resolving, the failure may not be accidental. Some networks block or rewrite DNS responses on purpose.

Step-by-step solutions

  1. Test the same domain with your current resolver and with a public resolver.
  2. Compare the result on another device or mobile network.
  3. Look for timeouts, captive portal redirects, or block pages.
  4. Check router parental controls, firewall rules, and browser secure DNS settings.

Useful commands

Windows

nslookup example.com 1.1.1.1
nslookup example.com 8.8.8.8

macOS

dig example.com @1.1.1.1
dig example.com @8.8.8.8

Linux

dig example.com @9.9.9.9
resolvectl query example.com

If the problem looks like tampering rather than policy, read what DNS spoofing is. If the failure is broader and not domain-specific, continue with how to fix DNS server problems.

FAQ

Can an ISP block DNS?

Yes. ISPs, routers, schools, and corporate firewalls can block or redirect DNS traffic as part of policy or filtering.

How do I know if a domain is filtered?

If one resolver returns the domain normally and another returns a block page, NXDOMAIN, or timeout, filtering is likely involved.

Can secure DNS bypass blocking?

Sometimes encrypted DNS avoids local interception, but network policy, firewalls, and legal restrictions can still block access.

Does blocked DNS always mean malware?

No. Many blocked lookups are caused by parental controls, enterprise policy, DNS filtering, or ad-blocking resolvers.

Test your DNS now

Download DNS Benchmark for free and find the fastest server for your network.

Download DNS Benchmark on Google Play Download DNS Benchmark on the App Store