What is DNS Cache?

We’ve covered the topic of what a DNS server is in the past and explained how it works. Basically, a DNS server is used to resolve a particular domain to its IP equivalent. However, this process takes time since once a new website request is made, the client must ask the resolver, which asks the root server, which asks the TLD server, for information. Needless to say, each additional check, adds extra time that the visitor must wait to receive a response. Luckily, there is a mechanism in place to help reduce the frequency at which a website visitor’s browser must request a complete DNS lookup. This is called DNS cache. In this article, we’ll further explain what a DNS cache is as well as outline how to flush your DNS cache.

What is DNS Cache?

The domain name system (DNS) cache is the computer’s storage area for recent queries to DNS name servers. When a user sends out a full DNS query including A records and/or MX records, these responses are kept in the DNS cache until they expire, either by the operating system or the browser.

These records map domain names to IP addresses so the domain name doesn’t have to be separately looked up each time it is referenced. When a user wishes to visit a website for the first time, the process can take anywhere from dozens of milliseconds to over a minute. However, if the user visits many times, then this process may take only milliseconds because the website record has been cached in the browser’s or system’s DNS Cache and the IP address doesn’t need to be looked up again.

A DNS server is connected to each hub/router. The latency time for a request for a domain name diminishes as it bounces along to each successive router. Determining the caching DNS server with the lowest latency time is key to accessing the name efficiently. Moreover, when one machine offloads an IP route request, the load gets distributed across those data centers. This results in faster ping and lookup times overall.

How does it work?

Each time a user performs a DNS lookup, its device will first check inside the internal DNS cache that is part of the OS. There is a table of DNS records inside the DNS cache, their values, and the time they could be kept TTL (time-to-live). The TTL value is set by the DNS administrator of each domain name, and it is the time limit that each DNS record has. After the time runs out, a new query is required.

If the DNS query can be resolved from the DNS cache, the user will get their answer, and they can visit the site they desire.

If no, the query will travel to a recursive DNS server. There are many DNS recursive servers out there. Like for example, there are inside your Internet Service Provider. They also have a cache that works in the same way. If the answer can be found there, the user will get it and resolve the domain.

If no, the query will travel to an authoritative nameserver to get the answer.

When it gets the answer, the DNS record or records will be saved in each of the DNS caches of the recursive DNS servers on the way and inside the user’s device, too, for the period that the TTL value indicates.

Next time a new query starts for the same domain name, your device will repeat the process. If not so much time has passed, there is a high chance that the DNS record your device needs is still inside this temporary memory, and the query gets answered instantly.

How to clear the DNS cache

While viewing the DNS cache is useful for monitoring DNS contents or retrieving specific IP addresses, clearing the DNS cache is a critical operation for maintaining network security and updating DNS resource records.

The DNS cache does some of this work on its own – each DNS resource record has a designated Time-to-Live (TTL). After the TTL has expired – meaning after the record has existed for its allotted time span – it is no longer valid. The next time the OS requests its address the cache will have to query the DNS server, automatically updating the cache.

In many cases, system administrators are unaware of the TTL of their DNS records, and often the validity period of DNS entries is too long to ensure optimal web page access reliability and security. To clean out a customer’s cache – a process commonly referred to as flushing the cache – follow these steps, depending on the OS:

• Windows: Again, the Windows DNS flushing process is fairly simple. Enter “ipconfig /flushdns” in the command prompt. You will see the message, “Windows IP configuration successfully flushed the DNS Resolver Cache.” You can view the DNS cache to see the results (a wiped cache).
• macOS: For macOS 10.10.4 and later versions, open the terminal and run the command “sudo killall -HUP mDNSResponder.” The OS will not generate a success message, so it’s best to check for yourself that the flush was fully executed by viewing the DNS cache.
• Linux: To clear the cache of a Linux OS running NSCD, simply restart the application with the command “sudo /etc/init.d/nscd restart.”

A DNS cache is only one component of DNS services, but it serves an integral purpose in facilitating fast, reliable web searches. Understanding how the cache can affect DNS lookup operations allows MSPs to troubleshoot common problems on customers’ networks, prevent phishing, and purge a record of user search history that hackers could otherwise exploit.

Conclusion

DNS cache is a very efficient way to avoid having to complete an entire DNS lookup each time you visit a site. Instead, this process will only need to occur the first time you visit the site and upon subsequent requests, your machine will use the OS’s and browser’s cached DNS information until it expires or is flushed.

If you need to flush or check your DNS cache for any one of the reasons mentioned above, simply follow the instructions that relate to your specific OS.