Flush DNS: how to clear your DNS cache


Anyone who moves about on the internet leaves a lot of traces – even inexperienced browser users probably know this by now. Website operators use technology such as cookies or JavaScript applications to record the behavior of visitors. The data obtained here is used to optimize the website and personalize the content without users actively disclosing personal details. Many users increasingly rely on ad and JavaScript blockers and proxies or delete history and cookies to put an end to data collection and protect their own privacy.

However, very few users are aware that the operating system also saves information about browsing behavior: for example, the automatically generated DNS cache contains temporary entries about all visited websites. The following sections explain exactly what this cache is and why there are several reasons to delete the DNS cache regularly.

What is the DNS cache?

DNS servers are used to convert domain names such as www.example.com into numerical addresses that can be processed by computer systems. By default, the browser contacts these “name servers” each time the corresponding sites are accessed, which slightly increases loading time and can also overload the DNS server when visitor numbers are high. Error messages like “DNS Server Not Responding” are a common and despised consequence.

For this reason, operating systems like Windows and macOS maintain their own cache of requested and resolved addresses – the DNS cache. It saves all information that’s relevant for name resolution, each entry with a TTL (time to live) value that specifies how long the data remains valid. Within this time, corresponding queries are answered directly from the cache without requiring a detour to the DNS server.

What information does the DNS cache contain?

The information units or entries in the DNS cache are called resource records (RR) and are displayed in ASCII code (in compressed form). The various – partially optional – components include the following:

Resource data (rdata): data that describes the record, for example address or host name
Record type: type of the created entry, e.g. “A”: IPv4 address (decimal value: 1) or “AAAA”: IPv6 address (decimal value: 28)
Record name (optional): domain name of the object for which the DNS entry was created
Time to live (optional): validity period of the resource record in seconds
Class (optional): protocol group that the RR belongs to (mainly “IN” for internet)
Resource data length (optional): value for the length of the resource data

The DNS cache contains the IP addresses for the respective domains or hosts as well as additional information that qualifies them – such as the validity period of the record or the appropriate protocol group. For example, an entry for the domain www.example.com (IPv4:, which should be valid for one hour, would look as follows:

www.example.com. 3600 IN A

Why is a regular DNS flush useful?

As mentioned earlier, it makes sense to clear the DNS cache regularly. This doesn’t happen by itself: the entries remain in the cache until the defined TTL expires. There are three reasons in particular to take action and reset the DNS cache with a DNS flush, regardless of the actual validity period of the individual records:

Hide search behavior: While the tracking of user behavior on the internet is primarily carried out by cookies, JavaScript, and others, the DNS cache still offers a potential target for all data collectors. On the basis of the listed addresses, including additional information such as the validity period (if given), it is possible to get an approximate overview of your page history. In any case, the cached addresses reveal which sites you visit regularly or over a long time. The more comprehensive the collection of cached addresses is, the more you reveal about yourself.

Security against manipulation: You should also clear the DNS cache from time to time for security reasons. The information in the cache is practical for delivering websites, but can quickly become dangerous in the wrong hands. If cyber criminals gain access to the DNS cache, they’re in a position to manipulate the entries and, for example, redirect you to the wrong websites. This so-called DNS poisoning or DNS spoofing is often used to obtain sensitive log-in data, for example for online banking. With a DNS flush, you can also dispose of such manipulated records with minimal effort.

Solve technical problems: A DNS flush on Windows, macOS, and others is often an effective solution if you’re experiencing technical problems when accessing web applications. For example, it’s possible that an incorrect version of the requested website is being displayed due to outdated entries. In such cases, the domain name is probably stored in the cache with an incorrect or old IP address, which can be remedied by clearing the DNS cache. As a result, the request will once again be directed to the appropriate DNS server and not answered from the cache. With the updated address information, the connection to the website will once again work as planned.

Clear the DNS cache: how-to

There’s no rule about when the perfect moment for a DNS flush is – unless there’s an urgent problem that can be solved by emptying the cache. The DNS cache should also be cleared immediately if you’re redirected to a site that you didn’t request. This may not necessarily be a spoofing attack based on a manipulated DNS entry, but since such an attack can’t be ruled out in principle, a DNS flush is strongly recommended in such cases.
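The resource-record layout listed under "What information does the DNS cache contain?" and the manipulation scenario above, as an added Python example that is not part of the original article: it parses records in the `name [TTL] [class] type rdata` form and reports cached addresses that differ from a known-good list, so a mismatch can be noted before a flush discards the record. The text dump format, the `PINNED` list and all sample names and addresses are assumptions constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

CLASSES = {"IN", "CH", "HS"}
TYPES = {"A": 1, "AAAA": 28}  # decimal type values as listed in the article

class Record(NamedTuple):
    name: str
    ttl: Optional[int]
    rclass: str
    rtype: str
    rdata: str

def parse_rr(line: str) -> Record:
    """Parse 'name [ttl] [class] type rdata'; TTL and class are optional."""
    name, *rest = line.split()  # ValueError on an empty line
    ttl, rclass = None, "IN"
    while rest and rest[0].upper() not in TYPES:  # TTL/class in either order
        tok = rest.pop(0)
        if tok.isdigit():
            ttl = int(tok)
        elif tok.upper() in CLASSES:
            rclass = tok.upper()
        else:
            raise ValueError(f"unsupported field {tok!r} in {line!r}")
    if len(rest) != 2:
        raise ValueError(f"expected 'type rdata' in {line!r}")
    rtype = rest[0].upper()
    addr = ipaddress.ip_address(rest[1])  # ValueError on malformed rdata
    if addr.version != (4 if rtype == "A" else 6):
        raise ValueError(f"{rtype} record carries IPv{addr.version} rdata")
    return Record(name.rstrip(".").lower(), ttl, rclass, rtype, str(addr))

def suspicious(records, pinned):
    """Records for pinned names whose address is not in the known-good set."""
    return [r for r in records
            if r.name in pinned and r.rdata not in pinned[r.name]]

# Constructed sample dump; addresses come from documentation-only ranges.
SAMPLE = """\
www.example.com. 3600 IN A 192.0.2.10
bank.example. IN 300 A 203.0.113.66
bank.example. 300 IN AAAA 2001:db8::10
intranet.example. A 198.51.100.7
"""
PINNED = {"bank.example": {"192.0.2.80", "2001:db8::10"}}  # assumed known-good
RECORDS = [parse_rr(l) for l in SAMPLE.splitlines() if l.strip()]
for r in suspicious(RECORDS, PINNED):
    print(f"MISMATCH {r.name} {r.rtype} -> {r.rdata} (ttl={r.ttl})")
```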

Updated: April 27, 2016 — 2:30 am
