How do i check my DNS cache?
Every operating system will require users to follow a different sequence of steps in order to view the contents of the DNS cache, although, generally speaking, the process is fairly similar across mainstream developers. Users will generally need administrative access. Depending on your operating system, you can view DNS contents by following these instructions:
- Windows: Open your command prompt and enter the command “ipconfig /displaydns.” You should then be able to see the records.
- Mac: Open the Terminal app, enter the command “sudo discoveryutil udnscachestats,” and input your password. This will display the Unicast DNS cache. When you have finished scrolling through these results, close the Terminal, reopen it, enter the command “sudo discoveryutil mdnscachestats,” input your password, and scroll through the Multicast DNS cache results.
- Linux: Linux doesn’t create a DNS cache automatically, but many commonly used applications provide this service. If your OS uses the name service caching daemon (NSCD), open the command terminal and enter either “service nscd status” or “sudo service nscd status.”
How do I clear the DNS cache?
While viewing the DNS cache is useful for monitoring DNS contents or retrieving specific IP addresses, clearing the DNS cache is a critical operation for maintaining network security and updating DNS resource records.
The DNS cache does some of this work on its own—each DNS resource record has a designated Time to Live (TTL). After the TTL has expired—meaning after the record has existed for its allotted time span—it is no longer valid. The next time the OS requests its address the cache will have to query the DNS server, automatically updating the cache.
In many cases, system administrators are unaware of the TTL of their DNS records, and often the validity period of DNS entries is too long to ensure optimal web page access reliability and security. To clean out a customer’s cache—a process commonly referred to as flushing the cache—follow these steps, depending on the OS:
- Windows: Again, the Windows DNS flushing process is fairly simple. Enter “ipconfig /flushdns” in the command prompt. You will see the message, “Windows IP configuration successfully flushed the DNS Resolver Cache.” You can view the DNS cache to see the results (a wiped cache).
- Mac: For MacOS 10.10.4 and later versions, open the terminal and run the command “sudo killall -HUP mDNSResponder.” The OS will not generate a success message, so it’s best to check for yourself that the flush was fully executed by viewing the DNS cache.
- Linux: To clear the cache of a Linux OS running NSCD, simply restart the application with the command “sudo /etc/init.d/nscd restart.”
A DNS cache is only one component of DNS services, but it serves an integral purpose in facilitating fast, reliable web searches. Understanding how the cache can affect DNS lookup operations allows MSPs to troubleshoot common problems on customers’ networks, prevent phishing, and purge a record of user search history that hackers could otherwise exploit.
Check out our blog for other common questions and concerns with DNS and other systems issues.