Summary

You can flush the DNS cache on a systemd-based Linux computer with the “resolvectl flush-caches” command. If you use dnsmasq, you can clear the DNS cache using “sudo killall -HUP dnsmasq” instead.

Is your internet browsing experience slow on your Linux device, or are the websites you’re visiting outdated or the wrong website altogether? Let’s discuss flushing the DNS cache on Linux, and how to know whether you really need to.

What Are DNS Caches?

The domain name service is the bit of magic that converts names into numbers. It takes device network names and website names and looks up their IP addresses. The network can then use the IP address to correctly route traffic to those devices or sites.

These look-ups, known as requests, don’t happen instantaneously. There’s a small, finite period of time involved. Internet DNS requests may require querying precursor DNS servers, root name servers, top-level domain servers, and authoritative name servers. DNS requests are fast, but to make them faster still, the answers to recent DNS requests are cached on the DNS precursor servers.

If the answer to a DNS request is found in the precursor server’s cache, no further servers need to be contacted. The answer is sent back from the precursor server’s cache. Similarly, a small cache is maintained by your broadband router at home. If you ask for a local network device using its network device name, your router provides the IP address. It may also cache responses it has received from external DNS servers.

Usually, networks and Linux computers are configured to use external DNS services, either provided by your Internet Service Provider or by a free service such as OpenDNS or Google DNS. There are good reasons why some people run their own DNS server, but most of us don’t. However, your Linux computer — even if it isn’t running a DNS server — can optionally cache DNS request results.

The trouble with using cached data is the whole thing is predicated on the assumption that none of the cached details have changed since they were cached. If the details have changed, the information you receive will be out of date.

If a cache entry or the entire cache becomes corrupt, you’ll receive flaky performance at best, and security vulnerabilities at worst. That’s when you’ll want to look into “flushing” or clearing the DNS cache.

Is Your Computer Using a Local DNS Cache?

Some of our test computers had local DNS caches turned on, and others had them turned off. It was off on our Manjaro 21 computer, but it was turned on by default on Fedora 37 and Ubuntu 22.10.

To determine whether your Linux computer is caching DNS requests, use the is-active option of the systemctl command. The daemon that manages the DNS cache is the systemd network name resolution manager, known as systemd-resolved.

If the response is “active”, DNS caching is taking place. If the response is “inactive”, it isn’t. On this particular computer, it is active. We can use the resolvectl command with the statistics option to see how many records are in the cache.

We can see there are 330 entries in the DNS cache of this computer.

Reviewing Your DNS Cache

Reviewing the DNS cache entries is not a prerequisite to flushing the cache, and if you have no interest in doing so, you can skip this entire step. Sometimes, though, it can be informative. You might see scrambled entries that indicate corruption, or you might see error messages related to device addressing problems on your network.

Now, there isn’t a straightforward way to see these entries. We can do it but need to be a little creative. USR1, or user-defined signal number one, is a signal that can be sent by the kill and killall commands. This signal has no predefined meaning. Applications are free to ignore this signal or to react in whatever way the developers have implemented.

The systemd-resolved daemon reacts to USR1 by writing its cache to the system logs. We can then use the journalctl command to filter out the DNS entries.

We’ll use the killall command with USR1 to send the signal to the systemd-resolved daemon. Note that although we’re using the killall command, the systemd-resolved daemon continues to run. This isn’t a termination signal that we’re sending.

Now we’ll use the journalctl command with the -u (filter by systemd unit) option to extract the log entries that have been generated by systemd-resolved. We’ll redirect that output into a text file called “dns.txt.”

We’ll use the less file viewer to view the contents of the file.

You’ll be able to find the cached mappings between domain names and IP addresses by scrolling and searching through the text.

We can see an entry for Google that has an IP address of 216.58.212.196. You can check that by putting the IP address in a web browser. You should see the home page of Google search.
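The review steps above can be scripted so that the name-to-address mappings are pulled out of the journal instead of searched for by eye. This is an added example, not code from the article; the function names, the "--live" switch and the sample log lines are constructed, and it assumes each cached record is logged in the form "name IN type address".

```shell
#!/bin/sh
# Added example (not from the article): list the name -> address records that
# systemd-resolved wrote to the journal after receiving SIGUSR1.

# Trigger the dump and save the unit's log lines from this boot to dns.txt.
# SIGUSR1 does not stop the daemon.
dump_cache() {
    sudo killall -USR1 systemd-resolved || return 1
    sleep 1    # give the daemon a moment to finish writing
    sudo journalctl -u systemd-resolved -b --no-pager > dns.txt
}

# Journal text on stdin -> unique "name type address" lines for A/AAAA records.
# Assumption: a cached record is logged as "<name> IN <type> <address>".
cached_addresses() {
    awk '{
        for (i = 1; i <= NF - 3; i++)
            if ($(i + 1) == "IN" && $(i + 2) ~ /^(A|AAAA)$/ &&
                $(i + 3) ~ /^[0-9A-Fa-f:.]+$/) {
                print $i, $(i + 2), $(i + 3)
                break
            }
    }' | sort -u
}

# Journal text on stdin -> every cached address for the name given as $1.
lookup_cached() {
    cached_addresses | awk -v name="$1" '$1 == name { print $3 }'
}

# Constructed sample of dns.txt content (not real log output).
sample_journal() {
    cat <<'EOF'
Jan 10 09:15:02 host systemd-resolved[612]: CACHE:
Jan 10 09:15:02 host systemd-resolved[612]:   google.com IN A 216.58.212.196
Jan 10 09:15:02 host systemd-resolved[612]:   example.org IN AAAA 2001:db8::10
Jan 10 09:15:02 host systemd-resolved[612]:   google.com IN A 216.58.212.196
Jan 10 09:15:03 host systemd-resolved[612]: Flushed all caches.
EOF
}

# "--live" dumps the real cache; with no argument nothing is sent or written.
if [ "${1:-}" = "--live" ]; then
    dump_cache && cached_addresses < dns.txt
fi
```

An address that differs from what the authoritative answer for that name should be is the kind of entry that justifies a flush.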

How to Clear the DNS Cache on Linux

Flushing the cache removes all entries, and starts the collection process once more. This forcibly removes any incorrect or corrupt entries from the cache.

The command is simple; we use resolvectl with the flush-caches option.

We’re silently returned to the command line. To confirm that something has actually happened, we’ll check the DNS cache statistics again.

We can see that the cache size has dropped to zero. It will increase over time as it accumulates new entries.

How to Flush the dnsmasq Cache on Linux

The dnsmasq application provides a DNS cache and a DHCP server. It is popular with users who want to run their own DNS server, especially on non-systemd installations.

Flushing the dnsmasq DNS cache is easy. We need to send the SIGHUP signal, which tells the dnsmasq daemon to effectively reinitialize. Doing so clears its DNS cache. To send the signal we use the killall command with the -HUP flag, and the name of the application.
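The check, flush and confirm steps from the sections above, for both systemd-resolved and dnsmasq, combined into one script. This is an added example, not code from the article; the function names, the "--live" switch and the sample statistics text are constructed, and it assumes the statistics output contains a "Current Cache Size" line.

```shell
#!/bin/sh
# Added example (not from the article): flush the local DNS cache and confirm
# the result, for either systemd-resolved or dnsmasq.

# `resolvectl statistics` output on stdin -> the "Current Cache Size" number.
cache_size() {
    awk -F: '/Current Cache Size/ { gsub(/[^0-9]/, "", $2); print $2 }'
}

# $1 = size before, $2 = size after. Succeeds when the cache is empty or at
# least smaller: a lookup right after the flush can already add an entry.
flush_worked() {
    [ "$2" -eq 0 ] || [ "$2" -lt "$1" ]
}

# Prints "resolved", "dnsmasq" or "none" depending on what is running.
detect_cache() {
    if [ "$(systemctl is-active systemd-resolved 2>/dev/null)" = active ]; then
        echo resolved
    elif pidof dnsmasq >/dev/null 2>&1; then
        echo dnsmasq
    else
        echo none
    fi
}

flush_dns_cache() {
    case "$(detect_cache)" in
    resolved)
        before=$(resolvectl statistics | cache_size)
        resolvectl flush-caches || return 1
        after=$(resolvectl statistics | cache_size)
        echo "systemd-resolved cache: $before -> $after entries"
        flush_worked "$before" "$after" ;;
    dnsmasq)   # SIGHUP makes dnsmasq reinitialize, which clears its cache
        sudo killall -HUP dnsmasq && echo "dnsmasq cache cleared" ;;
    none)
        echo "no local DNS cache is running; nothing to flush" ;;
    esac
}

# Constructed sample of the statistics section this script parses.
sample_stats() { printf 'Cache\n  Current Cache Size: %s\n  Cache Hits: 12\n' "$1"; }

# "--live" performs the flush; with no argument the script changes nothing.
if [ "${1:-}" = "--live" ]; then flush_dns_cache; fi
```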

Flushed, With Success

Of course, if your computer isn’t caching at all, there’s nothing you need to check.

If it is caching DNS requests but everything is working just fine, you can ignore it too. But if you’re experiencing slow or sporadic webpage updates when you’re browsing the web, or seeing the wrong webpages altogether, it’s probably a good time to clear your DNS cache.
