Loading

Troubleshooting DNS Issues After Salesforce Infrastructure Maintenance

Дата публикации: May 4, 2026
Описание
After a Site Switch, Instance Refresh, Org Migration, or other scheduled maintenance activity, end users can sometimes encounter Salesforce server or web browser errors — such as "This site can't be reached" or "ERR_NAME_NOT_RESOLVED" — even after the maintenance has completed. This is typically caused by stale DNS entries cached on the user's local machine, corporate network, or upstream ISP DNS servers.

 

Scenario:
After a Salesforce Site Switch completes, users in your organization report seeing a "This site can't be reached" error when trying to access their Salesforce org (e.g., mycompany.my.salesforce.com). This is often caused by stale DNS entries on their local machines or network — the old IP address from before the Site Switch is still cached, and the browser is attempting to connect to a server that no longer hosts the org.

Why Stale DNS Cache Causes Problems with Salesforce — A Real Example:
DNS (Domain Name System) works like a phone book — it translates a human-readable domain (e.g., mycompany.my.salesforce.com) into an IP address (e.g., 136.147.46.25) that computers use to connect.
When Salesforce performs a Site Switch (moving your org from one instance, say NA45, to another, say NA135), the IP address your domain resolves to changes. Here's what happens if DNS cache isn't set correctly: 

Before Site Switch
mycompany.my.salesforce.com136.147.46.25 (NA45) — cached on your machine for 86400s (24 hrs)
 
Salesforce completes Site Switch
mycompany.my.salesforce.com now resolves to 136.147.95.10 (NA135)
 
Your machine still uses old cache
Your browser still tries to connect to 136.147.46.25 — which no longer serves your org
Result
"This site can't be reached" / ERR_NAME_NOT_RESOLVED / connection timeout
Решение

Flush Local DNS Cache for Stale Entries

Flushing the DNS cache forces your machine to discard any stored (potentially outdated) IP address mappings and request fresh DNS records from the DNS server. This is always the first step when users experience connectivity issues after Salesforce maintenance.
 
For Windows (7, 8, 10, and 11)
Run the DNS flush command via Command Prompt with administrator privileges. This clears all locally cached DNS records so Windows re-queries fresh DNS entries on next connection.
  1. Click Start.
  2. Enter cmd in the Start menu search text box.
  3. Right-click Command Prompt and select Run as Administrator.
  4. Run the following command:  
    ipconfig /flushdns
 
Example: If your org is mycompany.my.salesforce.com and you're getting a connection error after a Site Switch, run the above command, then open a new browser tab and navigate to mycompany.my.salesforce.com. The browser will now request a fresh DNS lookup.
 
If the command succeeds, Windows returns:
Windows IP configuration successfully flushed the DNS Resolver Cache.
 
For macOS 10.10.4 and Above
On macOS, the DNS cache is managed by mDNSResponder. Sending a signal to this process flushes all cached entries and forces macOS to re-resolve DNS queries from scratch.
  1. Click Applications.
  2. Click Utilities.
  3. Click Terminal.
  4. Run the following command:  
    sudo killall -HUP mDNSResponder
 
Example: After a Salesforce Instance Refresh, run this command in Terminal, then retry your Salesforce URL. macOS will perform a fresh DNS lookup and resolve to the new instance IP.
 

Use an Alternate DNS Service

If errors continue after flushing the local DNS cache, the stale entry may be cached at the network or ISP level — not just locally. In this case, you can bypass your ISP's or corporate network's DNS resolver by switching to a public DNS service.

This is useful when:
  • Multiple users on the same corporate network are affected
  • Flushing local cache didn't resolve the issue
  • Your ISP's DNS server has a long TTL override
 
Recommended public DNS services:
Users can work with their local IT team for assistance switching DNS servers on managed devices.
 

Troubleshoot with Third-Party Providers

If a cloud security, web optimization, or other third-party cloud service (e.g., Zscaler, Netskope, Akamai, Palo Alto Prisma) is actively routing your network's Salesforce traffic, it may also cache stale DNS entries. In this case:
  • Work with your local IT or Network team to ensure third-party providers follow the Salesforce DNS Timeout (TTL) best practices — TTL should be set to 300 seconds.
  • Request that those providers flush any stale DNS entries for your Salesforce domains.
  • If problems continue, escalate to your ISP or DNS vendor to clear entries for:
    - *.salesforce.com
    - *.force.com
    - *.my.salesforce.com
    - *.lightning.force.com
 
Public Open-Source Tools to Confirm If the Issue Is DNS
Before escalating, use these free publicly available tools to independently verify whether you're facing a DNS resolution issue vs. a server-side or network issue:
 
Tool
URL
What It Does
DNS Checker
Checks DNS propagation across 100+ global servers — shows if your domain resolves to the correct IP worldwide or if some regions still have stale entries
MXToolbox DNS Lookup
Full DNS record lookup — shows A, CNAME, MX, TTL values; useful to confirm the current live DNS record
WhatsMyDNS
Similar to DNS Checker — visualises propagation status on a world map; great for post-maintenance verification
Toolbox by Google (dig)
Google's browser-based dig tool — run DNS queries without a terminal; shows TTL, CNAME chains, and A records
nslookup.io
Web-based nslookup — query any DNS record type from multiple resolvers; no terminal required
Ping.eu DNS Lookup
Simple web-based DNS lookup and ping test — useful to check reachability + DNS in one step
 
How to use DNS Checker to confirm a Salesforce DNS issue:
  1. Go to dnschecker.org
  2. Enter your Salesforce domain, e.g., mycompany.my.salesforce.com
  3. Select record type A
  4. If you see mixed results (some locations showing the old IP, some showing the new IP) → this could be a DNS propagation issue — stale cache on some servers
  5. If all locations show the same new IP → DNS has propagated correctly; the issue may be local cache only → flush local DNS and retry
 
Номер статьи базы знаний

000384884

 
Загрузка
Salesforce Help | Article