Flush DNS: how to clear your DNS cache

Anyone who moves about on the internet leaves a lot of traces – even inexperienced browser users probably know this by now. Website operators use technology such as cookies or JavaScript applications to record the behavior of visitors. The data obtained here is used to optimize the website and personalize the content without users actively disclosing personal details. Many users increasingly rely on ad and JavaScript blockers and proxies or delete history and cookies to put an end to data collection and protect their own privacy.

However, very few users are aware that the operating system also saves information about browsing behavior: for example, the automatically generated DNS cache contains temporary entries about all visited websites. The following sections explain exactly what this cache is all about and why there are several reasons to delete the DNS cache regularly.

What is the DNS cache?

DNS servers are used to convert domain names such as www.example.com into numerical addresses that can be processed by computer systems. By default, these “name servers” are contacted each time the browser accesses the corresponding website, which slightly increases loading time and, with a high number of visitors, can also overload the DNS server. Error messages like “DNS Server Not Responding” are a common and unwelcome consequence.

For this reason, operating systems like Windows and macOS maintain their own cache of requested and resolved addresses – the DNS cache. It stores all information that’s relevant for name resolution, and each entry carries a value known as TTL (time to live) that defines how long the data remains valid. Within this time, corresponding queries are answered directly from the cache without requiring a detour to the DNS server.

Note

Various applications, such as web browsers or name servers from internet service providers, also have their own DNS cache for speeding up name resolution.

What information does the DNS cache contain?

The information units or entries in the DNS cache are called resource records (RR) and are displayed in ASCII code (in compressed form). The various – partially optional – components include the following:

  • Resource data (rdata): data that describes the record, for example address or host name
  • Record type: type of the created entry, e.g. “A”: IPv4 address (decimal value: 1) or “AAAA”: IPv6 address (decimal value: 28)
  • Record name (optional): domain name of the object for which the DNS entry was created
  • Time to live (optional): validity period of the resource record in seconds
  • Class (optional): protocol group that the RR belongs to (mainly “IN” for internet)
  • Resource data length (optional): value for the length of the resource data

The DNS cache contains IP addresses for the respective domains or hosts as well as additional information that describes each record – such as the validity period of the record or the appropriate protocol group. For example, an entry for the domain www.example.com (IPv4: 172.27.171.106), which should be valid for one hour, would look as follows:

www.example.com.    3600  IN  A  172.27.171.106

Why is a regular DNS flush useful?

As mentioned earlier, it makes sense to clear the DNS cache regularly. This doesn’t happen by itself: The entries remain in the cache until the defined TTL expires. There are three reasons in particular to take action and reset the DNS cache with a DNS flush, regardless of the actual validity period of the individual records:

  1. Hide search behavior: While the tracking of user behavior on the internet is primarily carried out by cookies, JavaScript, and others, the DNS cache still offers a potential target for all data collectors. On the basis of the listed addresses, including additional information such as the validity period (if given), it’s possible to get an approximate overview of your page history. In any case, the cached addresses reveal which websites you call up regularly or over a long time. The more comprehensive the collection of cached addresses is, the more you reveal about yourself.
     
  2. Security against manipulation: You should also clear the DNS cache from time to time for security reasons. The information in the cache is practical for delivering web projects – but can quickly become dangerous in the wrong hands. If cybercriminals gain access to the DNS cache, they’re in a position to manipulate the entries and, for example, redirect you to the wrong websites. This so-called DNS poisoning or DNS spoofing is often used to access sensitive log-in data, for example, to online banking. With a DNS flush, you can also dispose of such manipulated records with minimal effort.
     
  3. Solve technical problems: A DNS flush on Windows, macOS, and others is often an effective solution if you’re experiencing technical problems when accessing web applications. For example, it’s possible that an incorrect version of the requested website is being displayed due to outdated entries. In such cases, the domain name is probably stored in the cache with an incorrect or old IP address, which can be remedied by clearing the DNS cache. As a result, the request will once again be directed to the appropriate DNS server and not answered from the cache. With the updated address information, the connection to the website will once again work as planned.

Tip

You can display the DNS cache currently stored on your system at any time. In Windows, for example, simply open the command prompt and enter the command “ipconfig /displaydns”.
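As an added example (not part of the original article), the following Python sketch parses the output of “ipconfig /displaydns”, renders each cached A/AAAA entry in the resource record notation shown earlier, and reports entries whose address differs from one you have verified out of band. The sample output, the name bank.example.net, and the PINNED addresses are constructed assumptions, and the field labels assume an English-language Windows installation.

```python
import re

# Constructed sample of English-locale `ipconfig /displaydns` output (not real data).
SAMPLE = """\
    www.example.com
    ----------------------------------------
    Record Name . . . . . : www.example.com
    Record Type . . . . . : 1
    Time To Live  . . . . : 3600
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 172.27.171.106

    bank.example.net
    ----------------------------------------
    Record Name . . . . . : bank.example.net
    Record Type . . . . . : 1
    Time To Live  . . . . : 1800
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 203.0.113.66
"""

TYPES = {1: "A", 28: "AAAA"}  # decimal record-type values named in the article
FIELD = re.compile(r"^[ \t]*(.+?)[ .]*: (.*)$", re.M)  # "Label . . . : value"
# Assumption: addresses you verified out of band for sites you care about.
PINNED = {"bank.example.net": {"198.51.100.10"}}

def parse_displaydns(text):
    """Return one dict (name, ttl, type, rdata) per cached A/AAAA record."""
    records, cur = [], {}
    for key, value in FIELD.findall(text):
        if key == "Record Name":
            cur = {"name": value.strip().lower(), "ttl": None, "type": None}
        elif key == "Record Type":
            cur["type"] = TYPES.get(int(value))
        elif key == "Time To Live":
            cur["ttl"] = int(value)
        elif key.endswith("Record") and cur.get("type"):
            records.append({**cur, "rdata": value.strip()})
    return records

def audit(records, pinned):
    """Return RR lines (article notation) whose address is not pinned for that name."""
    return [f"{r['name']}. {r['ttl']} IN {r['type']} {r['rdata']}" for r in records
            if r["name"] in pinned and r["rdata"] not in pinned[r["name"]]]

if __name__ == "__main__":
    print(audit(parse_displaydns(SAMPLE), PINNED))
```

A reported line is a reason to flush the cache and check the name against a trusted resolver; a site that legitimately changed its address produces the same mismatch.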

Clear the DNS cache: how-to

There’s no rule about when the perfect moment for a DNS flush is – unless there’s an urgent problem that can be solved by emptying the cache. The DNS cache should also be cleared immediately if you’re redirected to a site that you didn’t request. This may not necessarily be a spoofing attack based on a manipulated DNS entry, but since such an attack can’t be ruled out in principle, a DNS flush is strongly recommended in such cases.

Note

Regardless of whether you clear the DNS cache for a specific reason or just as a preventative measure, you don’t need to worry about any noticeable effect on your web experience: after resetting the cache, only the first access of a web project should take a bit longer than usual if it was previously loaded from saved resource records.

Since the process of a DNS flush varies from system to system, in the following sections we’ve compiled various lists of instructions for individual operating systems.

Windows 7: how to flush DNS

As a user of Windows 7, you can run a DNS flush via the command prompt. To use this, click on the Windows home button and type “cmd” into the search bar. Then start the command line tool by clicking or pressing enter.

Enter the following command:

ipconfig /flushdns

When you press enter, Windows clears the DNS cache. You’ll then receive a message confirming that the cache was successfully flushed.

Windows 8: run a DNS flush

The command prompt is also your tool for a DNS flush on Windows 8. First, open the start menu via the home button and then search using the magnifying glass symbol. Search for “cmd” and then select the command prompt by clicking.

To clear the DNS cache, enter the following command:

ipconfig /flushdns

Start the flushing process by pressing enter. A command line message will inform you of the success of the DNS flush.

Windows 10: how to clear the DNS cache

The command prompt works in the same way on Windows 10, and the procedure hardly differs from that of Windows 7 and 8: in the first step, use the search function to look for the command line application cmd.

Now clear the DNS cache with the following command:

ipconfig /flushdns

If the process has functioned as desired, then the command prompt confirms the success of the flush process.

Run a DNS flush on Linux: how it works

Linux systems don’t have a DNS cache by default. The different distributions only offer a function to store DNS information locally with the use of appropriate applications like nscd (name service caching daemon), pdnsd, dns-clean, or dnsmasq. If you use one of these services for caching, you have to control it from the terminal in order to clear the cache.

For pdnsd, there’s a concrete clear command:

sudo pdnsd-ctl empty-cache

To clear the DNS cache from dnsmasq, dns-clean, or nscd, though, you need to completely restart the respective service:

sudo /etc/init.d/dnsmasq restart
sudo /etc/init.d/nscd restart
sudo /etc/init.d/dns-clean restart

How to flush DNS on Mac

Like Windows, macOS has an integrated DNS cache that automatically collects DNS information and so should be cleared regularly. As opposed to the Microsoft systems, though, the command for resetting the cache varies from version to version. What you need to enter into the terminal to reset the DNS cache depends on the edition that you’re working with:

macOS 10.12.0 (Sierra):

sudo killall -HUP mDNSResponder

OS X 10.10.4 (Yosemite) and 10.11.0 (El Capitan):

sudo dscacheutil -flushcache;
sudo killall -HUP mDNSResponder

OS X 10.10.1 to 10.10.3 (Yosemite):

sudo discoveryutil mdnsflushcache
sudo discoveryutil udnsflushcaches

OS X 10.9.0 (Mavericks):

sudo dscacheutil -flushcache;
sudo killall -HUP mDNSResponder