What is a DNS cache? DNS caching explained

What is a DNS cache?

Whenever you type a new website into your browser, your DNS first checks if the corresponding IP address for that domain is already cached. If it’s cached, no new query is generated, and the browser uses the cached IP address to load the website. However, if the domain is not cached, a new DNS query is generated. This query moves through the resolver, root server, and top-level domain servers until the correct IP address is found. Once the query matches the domain name with its corresponding IP address, you will be directed to the proper website.

Once a query is successfully resolved, your DNS saves it in the cache, allowing quicker access to that website without repeating the full lookup process.

How does DNS caching work?

DNS caching works by storing resolved DNS queries, allowing you to quickly access known websites without searching for the IP address.

The DNS resolver cache keeps information about the DNS records of domain names that you have already visited. These DNS record types include the A (IPv4 address), AAAA (IPv6 address/Quad A), CNAME (canonical name), SRV (service location), and TXT (text).

Whenever you input a website domain name, the DNS will check the DNS resolver cache to see if you’ve already saved the IP address. If DNS finds the IP address in the cache, you will be quickly redirected. If not, the DNS resolver will initiate the DNS lookup process. Once the DNS finds the IP address, it will forward it to your device and save the resolved query to the cache.

DNS cache records are temporary. DNS entries are kept in the cache for a specified time, known as “time to live” (TTL), typically measured in seconds. After the TTL value is reached, your device will automatically delete the record, requiring a new DNS lookup the next time you visit the domain name.

DNS caching plays a critical role in optimizing your internet browsing experience, and its various benefits include:

• Faster DNS resolution. By allowing DNS servers to solve queries directly from the cache instead of having to ask authoritative servers, DNS caching allows for faster response and load times.
• Reduced network traffic: DNS caching reduces the amount of DNS server queries, improving network efficiency.

Where is the DNS cache stored?

The DNS cache is stored locally on your device, browser, or server. This feature allows quick access to DNS records. However, there is no specific cache file. DNS cache is held in system memory and managed by system services like svchost.exe on Windows.

How to view the DNS cache

The exact method for how to view your DNS cache depends on your device and operating system.

On Windows

To view your DNS cache on Windows, follow these instructions:

1. Press Windows + R to open the “Command prompt” application.
2. Type cmd and press “Ok.”
3. Enter the command: “ipconfig/displaydns.”
4. You can now view the DNS records currently stored on your device.

On macOS

Accessing the DNS cache history on macOS requires a few extra steps:

1. Open the “Terminal” application.
2. Type the command: “sudo killall -INFO mDNSResponder.”
3. Enter your password when prompted.
4. Return to the “Console” application to view the DNS records.
5. Check your macOS device’s “Console” application to view the system logs.

On Linux

Linux does not store DNS records on the operating software, but certain software options may allow you to view local DNS caching.

For name service caching daemon (NSCD) users:

1. Run the command: “sudo strings/var/cache/nscd/hosts.”
2. View the DNS cache history.

For systemd users:

1. Open the “Terminal.”
2. Type “sudo killall -USR1 systemd-resolved” to access the log message.
3. To convert the log message to an easy-to-read .txt file, type the command: “sudo journalctl -u system-resolved > ~dns-cache.txt.”
4. Wait while the file exports.
5. Type the command “less ~/dns-cache.txt.”
6. View the .txt file with your DNS cache history.

What is DNS cache flushing?

DNS cache flushing is the process of manually clearing your DNS cache. Although your DNS resolver cache automatically deletes records when their TTL expires, you can manually flush them anytime.

By purging the local cache, you require your computer to generate new DNS queries for each domain name. Your operating system and browser have separate DNS caches, so you should flush both.

The steps to flush your DNS cache can vary depending on your exact operating system. Take a look at our guide to learn how to clear DNS cache.

Why is it important to flush your DNS cache?

​​It is important to flush your DNS cache to solve connectivity issues, protect your privacy, and maintain DNS security.

Consider flushing your DNS cache to:

• Troubleshoot connectivity issues. The internet is ever-evolving, and sometimes the information stored in your cache is out-of-date. When a website changes its host or IP address, you may get a “404 Not Found” error message. Flushing out your cache forces your DNS server to request new, updated information.
• Solve website loading issues. If a website is not displaying correctly or showing outdated information, it may be related to DNS server issues. When DNS records are changed, DNS propagation can take up to 48 hours. Flush the DNS cache to give your DNS the chance to get the new information from an authoritative server.
• Protect against DNS spoofing. DNS spoofing, also known as DNS cache poisoning, is a cyberattack where bad actors change the information in your cached DNS records. Then, when you enter a legitimate domain name in the search bar, the spoofed DNS record redirects you to a malicious website to steal sensitive data or download malware to your device. Flush the DNS cache to remove spoofed DNS entries.
• Delete expired records. Although relatively rare, sometimes a glitch can keep records in your DNS cache beyond the TTL value. These expired records can interfere with your browsing experience and are prime candidates for DNS poisoning.

In addition to a regular DNS flush, you can consider using a virtual private network (VPN). A VPN is software that encrypts your data for improved security and privacy. VPNs also often operate their own DNS servers, protecting you from DNS poisoning and keeping all information up-to-date.

FAQ

How do I check the DNS settings on Android or iPhone?

To check the DNS settings on Android or iPhone, follow these steps.

For Android users:

1. Go to “Settings.”

2. Select “Network & internet,” then “Wi-Fi.”

3. Tap on the Wi-Fi network you are currently connected to.

4. Scroll down and select “Advanced.”

5. View DNS server information.

For iPhone users:

1. Go to “Settings.”

2. Tap “Wi-Fi.”

3. Select your Wi-Fi network.

4. View DNS information under “Configure DNS.”

When should I clear my DNS cache?

Clearing your DNS cache is a helpful troubleshooting step for connectivity issues or DNS security concerns. Clearing your DNS cache can result in slight delays when you access a domain name for the first time. However, regular DNS cache clearing doesn’t have any other adverse effects.

What is DNS cache poisoning?

DNS cache poisoning is a cybercrime that replaces DNS entries with spoofed records. These new records redirect you to a fake website that aims to steal sensitive information – like passwords, credit card numbers, or social security numbers – or download malware to your device.