Saturday, June 12, 2021

How to clear/flush the DNS Cache? (Windows, macOS, Linux)


Flushing the DNS cache clears old entries from the DNS resolver cache. It is commonly used to fix network connectivity issues.


    • Windows

    Type the following command on the Command Prompt:
    ipconfig /flushdns


    • macOS

    Type the following command on the Terminal Prompt:

    ▶ on macOS Big Sur (11.x), Catalina (10.15)

    sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder

    ▶ on macOS Mojave (10.14), High Sierra (10.13), Sierra (10.12), Mac OS X Mountain Lion (10.8), X Lion (10.7)

    sudo killall -HUP mDNSResponder

    ▶ on Mac OS X El Capitan (10.11), X Mavericks (10.9)

    sudo dscacheutil -flushcache;
    sudo killall -HUP mDNSResponder

    ▶ on Mac OS X Yosemite (10.10)

    sudo discoveryutil udnsflushcaches

    ▶ on Mac OS X Snow Leopard (10.6)

    sudo dscacheutil -flushcache

    ▶ on Mac OS X Leopard (10.5), Mac OS X Tiger (10.4)

    sudo lookupd -flushcache


    • Linux

    By default, DNS caching is not installed or enabled at the O/S level, but if you have installed any of the caching services listed below, use the appropriate commands to flush them.

    Below is a list of the major DNS cache services used in Linux distributions.

    ✓ Case 1) systemd Resolved Service
    ✓ Case 2) nscd DNS Cache
    ✓ Case 3) dnsmasq DNS Cache
    ✓ Case 4) BIND server DNS Cache

    Type the following command on the Terminal Prompt:


    ▶ Case 1) Flush DNS using systemd-resolved


    Each Linux distribution might use a different DNS service. Some distributions, like Ubuntu, don’t have a default DNS service at all.
    The first thing we need to do is make sure that systemd-resolved is running.

    sudo systemctl is-active systemd-resolved

    analysisman@ubuntu:~$ sudo systemctl is-active systemd-resolved
    [sudo] password for analys1sman:
    active

    If the output is 'active', then you're okay to proceed to check the statistics (see 'Current Cache Size' under the 'Cache' section).

    sudo systemd-resolve --statistics

    analysisman@ubuntu:~$ sudo systemd-resolve --statistics
    DNSSEC supported by current servers: no

    Transactions
    Current Transactions: 0
      Total Transactions: 804

    Cache
      Current Cache Size: 6
              Cache Hits: 86
            Cache Misses: 763

    DNSSEC Verdicts
                  Secure: 0
                Insecure: 0
                   Bogus: 0
           Indeterminate: 0


    ▷ Case 1-1) Flush DNS using systemd


    To flush the DNS cache on a system that uses systemd, run:
    sudo systemd-resolve --flush-caches

    Alternatively, you can use the 'resolvectl' command followed by the 'flush-caches' option.
    sudo resolvectl flush-caches


    Once again, issue the command:
    sudo systemd-resolve --statistics

    analysisman@ubuntu:~$ sudo systemd-resolve --statistics
    DNSSEC supported by current servers: no

    Transactions
    Current Transactions: 0
      Total Transactions: 804

    Cache
      Current Cache Size: 0
              Cache Hits: 86
            Cache Misses: 763

    DNSSEC Verdicts
                  Secure: 0
                Insecure: 0
                   Bogus: 0
           Indeterminate: 0


    You should now see that the 'Current Cache Size' is at 0.


    ▷ Case 1-2) Flush DNS using signals


    Another way of flushing the DNS cache can be achieved by sending a 'USR2' signal to the 'systemd-resolved' service that will instruct it to flush its DNS cache.

    sudo killall -USR2 systemd-resolved

    In order to check that the DNS cache was actually flushed, you can send a 'USR1' signal to the 'systemd-resolved' service. This way, it will dump its current state into the systemd journal.

    sudo killall -USR1 systemd-resolved
    sudo journalctl -r -u systemd-resolved


    analysisman@ubuntu:~$ sudo journalctl -r -u systemd-resolved
    -- Logs begin at Sun 2021-05-30 23:49:57 UTC, end at Fri 2021-08-13 06:17:55 UTC. --
    Aug 13 06:17:46 ubuntu-uscasj systemd-resolved[1885178]:         Seen RRSIG RR missing: no
    snipped...
    Aug 13 06:17:32 ubuntu-uscasj systemd-resolved[1885178]: Flushed all caches.
    Aug 13 06:08:24 ubuntu-uscasj systemd-resolved[1885178]: Flushed all caches.
    snipped...
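
    Added example (not part of the original post): a POSIX shell check for Case 1-1 and Case 1-2 that parses the 'Current Cache Size' field and counts 'Flushed all caches.' journal entries, so a script can confirm the flush instead of relying on a visual check. The function names and the --run switch are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): confirm a systemd-resolved flush.

# Print the 'Current Cache Size' value found in `systemd-resolve --statistics`
# output on stdin; exit non-zero if the field is missing.
cache_size() {
    awk -F: '/Current Cache Size/ { gsub(/[^0-9]/, "", $2); v = $2 }
             END { if (v == "") exit 1; print v }'
}

# Count "Flushed all caches." journal entries (Case 1-2) in text on stdin,
# e.g. the output of: journalctl -r -u systemd-resolved
flush_events() {
    grep -c 'systemd-resolved\[[0-9]*\]: Flushed all caches\.' || true
}

# Compare statistics captured before and after a flush.
# Returns 0 = cache is empty, 1 = entries remain, 2 = output not parseable.
# On a busy host new lookups can refill the cache between the two readings.
check_flush() {
    before=$(printf '%s\n' "$1" | cache_size) || return 2
    after=$(printf '%s\n' "$2" | cache_size) || return 2
    echo "Current Cache Size: $before -> $after"
    [ "$after" -eq 0 ]
}

# Live run: only with --run, as root, on a host using systemd-resolved.
if [ "${1:-}" = "--run" ]; then
    systemctl is-active --quiet systemd-resolved || {
        echo "systemd-resolved is not active" >&2; exit 3; }
    stats_before=$(systemd-resolve --statistics)
    systemd-resolve --flush-caches
    stats_after=$(systemd-resolve --statistics)
    check_flush "$stats_before" "$stats_after"
fi
```

    Without --run the script only defines the functions, so they can be sourced and fed saved command output.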


    ▶ Case 2) Flush DNS using nscd


    Some Linux distributions use the nscd (Name Service Cache Daemon) service for DNS caching. If so, flush it using the commands below.

    ▷ Case 2-1) Systemd-based Linux

    Run the below command to flush the nscd server DNS cache on Systemd-based Linux systems.
    * If 'systemctl status' displays a list of running system services, systemd is definitely in use.

    sudo systemctl restart nscd

    ▷ Case 2-2) SysVinit-based Linux

    Run the following command to clear the nscd server DNS cache on SysVinit-based Linux systems.

    sudo service nscd restart
    or
    sudo /etc/init.d/nscd restart


    ▶ Case 3) Flush DNS using dnsmasq


    In some cases, you may run 'dnsmasq' as a service on your server.
    In order to check whether you are running 'dnsmasq' or not, you can run the following command.

    ▷ Systemd-based Linux
    sudo systemctl is-active dnsmasq

    ▷ SysVinit-based Linux
    sudo service dnsmasq status


    ▷ Case 3-1) Systemd-based Linux

    Run the following command to clear the dnsmasq DNS cache on Systemd-based Linux systems.

    sudo systemctl restart dnsmasq

    After running the command, always make sure that your services were correctly restarted.

    sudo systemctl status dnsmasq


    ▷ Case 3-2) SysVinit-based Linux

    Run the following command to clear the dnsmasq DNS cache on SysVinit-based Linux systems.

    sudo /etc/init.d/dnsmasq restart

    After running the command, always make sure that your services were correctly restarted.

    sudo service dnsmasq status


    ▷ Case 3-3) Flush DNS using signals

    Run the below command to flush your DNS resolver by sending a 'SIGHUP' signal to the 'dnsmasq' process.

    sudo killall -HUP dnsmasq

    In order to check that the DNS cache was actually flushed, you can send a 'USR1' signal to the process.
    sudo killall -USR1 dnsmasq

    Using a simple 'tail' command, you should be able to verify that the DNS cache was actually flushed.

    tail -f /var/log/syslog | grep "cache size"


    ▶ Case 4) Flush DNS using BIND


    In some cases, you may run 'BIND' (service name: named) as a service on your server.
    In order to check whether you are running 'BIND' or not, you can run the following command.

    ▷ Systemd-based Linux
    sudo systemctl is-active named

    ▷ SysVinit-based Linux
    sudo service named status


    ▷ Case 4-1) CentOS/RHEL, Fedora Linux

    Run the following command to clear the BIND DNS cache on your Linux systems.

    sudo service named restart

    or
    sudo /etc/init.d/named restart

    or
    sudo service named stop
    sudo service named start


    or, to flush the cache without restarting the service:
    sudo rndc flush

    BIND v9.3.0 and later versions support flushing the DNS cache for a particular domain.

    To clear DNS cache for a particular domain:
    sudo rndc flushname analysisman.com

    After running the command, always make sure that your services were correctly restarted.

    sudo service named status


    ▷ Case 4-2) Debian, Ubuntu Linux

    Run the following command to clear the BIND DNS cache on your Linux systems.

    sudo service bind9 restart

    or
    sudo /etc/init.d/bind9 restart

    or
    sudo service bind9 stop
    sudo service bind9 start


    After running the command, always make sure that your services were correctly restarted.

    sudo service bind9 status

