DigiCert KnowledgeBase - Technical Support-hero

Knowledge Base

What is a DNS Trace?

Solution ID : SO272
Last Modified : 10/21/2023

Common questions:

  • Is my domain delegated correctly?
  • I just changed hosts, but my domain isn’t resolving.
  • Why is my site saying DNS error? or DNS not resolved?

What is a DNS Trace

DNS trace is an easy way to check domain delegation (what nameservers are authoritative) without the use of a command line (dig +trace domain.com). You can use a DNS check to see where there are issues in the DNS hierarchy.

Try It Yourself

Did you recently change hosting providers or domain registrars? If your domain isn’t resolving properly, it could be a delegation issue.

When you change hosting services, you will move your domain to different name servers. You also have to tell your domain registrar that your domain has moved, by updating the nameservers to your new hosts’. This tells the registrar to delegate DNS resolution to a different set of name servers.

How DNS Tracing Works

DNS trace recursively checks DNS resolution. The output shows you all the steps required to resolve a domain starting at the root nameservers. This is the backend process that happens when you type a domain into your browser to root name servers and back. 



DNS trace is broken up into multiple sections: root, TLD, and authoritative nameservers; and then the DNS record for that domain.

The most common problem people run into is that they forgot to update their nameservers at their registrar after they changed DNS management providers, then the last step (authoritative nameservers) would not resolve.