Anyone who moves about on the internet leaves a lot of traces – even inexperienced browser users probably know this by now. Website operators use technology such as cookies or JavaScript applications to record the behavior of visitors. The data obtained here is used to optimize the website and personalize the content without users actively disclosing personal details. Many users increasingly rely on ad and JavaScript blockers and proxies or delete history and cookies to put an end to data collection and protect their own privacy.

What is the DNS cache?

DNS servers are used to convert domain names such as www.example.com into numerical addresses that can be processed by computer systems. These “name servers” are contacted by default via the browser each time the corresponding projects are accessed, which slightly increases their loading time and can also lead to a DNS server overload in the case of a high number of visitors. Error messages like “DNS Server Not Responding” are a common and despised consequence.

For this reason, operating systems like Windows and macOS attach their own cache for called and resolved addresses – the DNS caches. These save all information that’s relevant for name resolution, each with an entry known as TTL (time to live) where data remains valid for a given time. Within this time, corresponding queries are answered directly from the cache without requiring a detour to the DNS server.

What information does the DNS cache contain?

The information units or entries in the DNS cache are called resource records (RR) and are displayed in ASCII code (in compressed form). The various – partially optional – components include the following:

• Resource data (rdata): Data that describes the record, for example address or host name.
• Record type: Type of the created entry, e.g. “A”: IPv4 address (decimal value: 1) or “AAAA”: IPv6 address (decimal value: 28).
• Record name (optional): Domain name of the object for which the DNS entry was created.
• Time to live (optional): Validity period of the resource record in seconds.
• Class (optional): Protocol group that the RR belongs to (mainly “IN” for internet).
• Resource data length (optional): Value for the length of the resource data.

The DNS cache contains IP addresses for the respective domains or hosts as well as additional information specifying it – such as the validity period of the record or the appropriate protocol group. For example, an entry for the domain www.example.com (IPv4: 172.27.171.105), which should be valid for one error, would look as follows:

www.example.com.    3600  IN  A  172.27.171.105

Why is a regular DNS flush useful?

Hide search behavior: While the tracking of user behavior on the internet is primarily carried out by cookies, JavaScript, and others, the DNS cache still offers a potential target for all data collectors. On the basis of the listed addresses, including additional information such as the validity period (if given), you can get an approximate overview of your page history. In any case, your address storage betrays which projects you call up regularly or over a long time. The more comprehensive the collection of cached addresses is, the more you reveal yourself.

Security against manipulation: You should also clear the DNS cache from time to time for security reasons. The information in the cache is practical for delivering web projects – but can quickly become dangerous in the wrong hands. If cybercriminals gain access to the DNS cache, they’re in a position to manipulate the entries and, for example, redirect you to the wrong websites. This so-called DNS poisoning or DNS spoofing is often used to access sensitive log-in data, for example, to online banking. With a DNS flush, you can also dispose of such manipulated records with minimal effort.

Solve technical problems: A DNS flush on Windows, macOS, and others is often an effective solution if you’re experiencing technical problems when accessing web applications. For example, it’s possible that an incorrect version of the called website is being displayed due to outdated entries. In such cases, the domain name is probably filed in the cache with an incorrect or old IP address, which can be remedied by clearing the DNS cache. As a result, the request will once again be directed to the appropriate DNS server and not answered from the cache. With the updated address information, the connection to the web project will once again work as planned.

How to Clear the DNS cache:

There’s no rule about when the perfect moment for a DNS flush is – unless there’s an urgent problem that can be solved by emptying the cache. The DNS cache should also be cleared immediately if you’re redirected to a site that you didn’t call. This may not necessarily be a spoofing attack based on a manipulated DNS entry, but since such an attack can’t be ruled out in principle, a DNS flush is strongly recommended in such cases.

Since the process of a DNS flush varies from system to system, in the following sections we’ve compiled various lists of instructions for individual operating systems.

Windows : How to Flush DNS

You can run a DNS flush via the command prompt. To use this, click on the Windows home button and type “cmd” into the search bar. Then start the command line tool by clicking or pressing enter.

Enter the following command:

ipconfig /flushdns

Start the flushing process by pressing enter. A command line message will inform you of the success of the DNS flush.

Linux : How to Flush DNS

Linux systems don’t have a DNS cache by default. The different distributions only offer a function to store DNS information locally with the use of appropriate applications like nscd (name service caching daemon), pdnsd, dns-clean, or dnsmasq. If you use one of these services for caching, you have to control it from the terminal in order to clear the cache.

For pdnsd, there’s a concrete clear command:

sudo pdnsd-ctl empty-cache

To clear the DNS cache from dnsmasq, dns-clean, or ncsd, though, you need to completely restart the respective service:

sudo /etc/init.d/dnsmasq restart

sudo /etc/init.d/nscd restart

sudo /etc/init.d/dns-clean restart

To use DNS caching services in Linux distributions like Ubuntu and clear the cache, you need administrator rights.

Mac: How to Flush DNS

Like Windows, macOS has an integrated DNS cache that automatically collects DNS information and so should be cleared regularly. As opposed to the Microsoft systems, though, the command for resetting the cache varies from version to version. What you need to enter into the terminal to set the DNS register back to zero depends on the edition that you’re working with:

macOS 10.12.0 (Sierra):

sudo killall -HUP mDNSResponder

OS X 10.10.4 (Yosemite) and 10.11.0 (El Capitan):

sudo dscacheutil -flushcache;

sudo killall -HUP mDNSResponder

OS X 10.10.1 to 10.10.3 (Yosemite):

sudo discoveryutil mdnsflushcache

sudo discoveryutil udnsflushcaches

OS X 10.9.0 (Mavericks):

sudo dscacheutil -flushcache;

sudo killall -HUP mDNSResponder