You can flush the DNS cache on a systemd-based Linux computer with the “resolvectl flush-caches” command. If you use dnsmasq, you can clear the DNS using “sudo killall -HUP dnsmasq” instead.
Is your internet browsing experience slow on your Linux device, or are the websites you’re visiting outdated or the wrong website altogether? Let’s discuss flushing the DNS cache on Linux, and how to know whether you really need to.
The domain name service is the bit of magic that converts names into numbers. It takes device network names and website names and looks up their IP addresses. The network can then use the IP address to correctly route traffic to those devices or sites.
These look-ups, known as requests, don’t happen instantaneously. There’s a small, finite period of time involved. Internet DNS requests may require querying precursor DNS servers, root name servers, top-level domain servers, and authoritative name servers. DNS requests are fast, but to make them faster still, the answers to recent DNS requests are cached on the DNS precursor servers.
If the answer to a DNS request is found in the precursor server’s cache, no further servers need to be contacted. The answer is sent back from the precursor server’s cache. Similarly, a small cache is maintained by your broadband router at home. If you ask for a local network device using its network device name, your router provides the IP address. It may also cache responses it has received from external DNS servers.
Usually, networks and Linux computers are configured to use external DNS services, either provided by your Internet Service Provider or by a free service such as OpenDNS or Google DNS. There are good reasons why some people run their own DNS server, but most of us don’t. However, your Linux computer—even if it isn’t running a DNS server—can optionally cache DNS request results.
The trouble with using cached data is the whole thing is predicated on the assumption that none of the cached details have changed since they were cached. If the details have changed, the information you receive will be out of date.
If a cache entry or the entire cache becomes corrupt, you’ll receive flaky performance at best, and security vulnerabilities at worst. That’s when you’ll want to look into “flushing” or clearing the DNS cache.
To determine whether your Linux computer is caching DNS requests, use the is-active option of the systemctl command. The daemon that manages the DNS cache is the systemd network name resolution manager, known as systemd-resolved.
systemctl is-active systemd-resolved
If the response is “active”, DNS caching is taking place. If the response is “inactive”, it isn’t. On this particular computer, it is active. We can use the resolvectl command with the statistics option to see how many records are in the cache.
We can see there are 330 entries in the DNS cache of this computer.
Reviewing the DNS cache entries is not a prerequisite to flushing the cache, and if you have no interest in doing so, you can skip this entire step. Sometimes, though, it can be informative. You might see scrambled entries that indicate corruption, or you might see error messages related to device addressing problems on your network.
Now, there isn’t a straightforward way to see these entries. We can do it but need to be a little creative.
USR1, or user-defined signal number one, is a signal that can be sent by the killall command. This signal has no predefined meaning. Applications are free to ignore this signal or to react in whatever way the developers have implemented.
The systemd-resolved daemon reacts to USR1 by writing its cache to the system logs. We can then use the journalctl command to filter out the DNS entries.
We’ll use the killall command with USR1 to send the signal to the systemd-resolved daemon. Note that although we’re using the killall command, the systemd-resolved daemon continues to run. This isn’t a termination signal that we’re sending.
sudo killall -USR1 systemd-resolved
Now we’ll use the journalctl command with the -u (filter by systemd unit) option to extract the log entries that have been generated by systemd-resolved. We’ll redirect that output into a text file called “dns.txt.”
sudo journalctl -u systemd-resolved > dns.txt
We’ll use the less file viewer to view the contents of the file.
You’ll be able to find the cached mappings between domain names and IP addresses by scrolling and searching through the text.
We can see an entry for Google that has an IP address of 188.8.131.52. You can check that by putting the IP address in a web browser. You should see the home page of Google search.
Flushing the cache removes all entries, and starts the collection process once more. If there are any, this forcibly removes incorrect and corrupt entries from the cache.
The command is simple; we use resolvectl with the flush-caches option.
We’re silently returned to the command line. To confirm that something has actually happened, we’ll check the DNS cache statistics again.
We can see that the cache size has dropped to zero. It will increase over time as it accumulates new entries.
The dnsmasq application provides a DNS cache and a DHCP server. It is popular with users who want to run their own DNS server, especially on non-systemd installations.
Flushing the dnsmasq DNS cache is easy. We need to send the SIGHUP signal, which tells the dnsmasq daemon to effectively reinitialize. Doing so clears its DNS cache. To send the signal we use the killall command with the -HUP flag, and the name of the application.
sudo killall -HUP dnsmasq
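The steps above combined into one script, added here as an example and not part of the original article: it keeps a copy of the systemd-resolved cache dump for later review before flushing, picks the flush command for whichever cache is running, and reports the cache size afterwards. The function names, the dns-before-flush.txt filename, the --run switch and the sample statistics text are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article): snapshot, flush and verify the local DNS cache.

# Constructed sample of `resolvectl statistics` output, used for offline checks.
sample_stats() {
    cat <<'EOF'
Transactions
Current Transactions: 0
  Total Transactions: 4127

Cache
  Current Cache Size: 330
          Cache Hits: 2871
        Cache Misses: 1256
EOF
}

# Read `resolvectl statistics` output on stdin; print the number of cached records.
cache_size_from_stats() {
    awk -F: '/Current Cache Size/ { gsub(/[^0-9]/, "", $2); print $2; found = 1; exit }
             END { if (!found) exit 1 }'
}

# Choose the flush command: $1 = `systemctl is-active` output, $2 = yes if dnsmasq runs.
flush_command_for() {
    if [ "$1" = "active" ]; then echo "resolvectl flush-caches"
    elif [ "$2" = "yes" ]; then echo "sudo killall -HUP dnsmasq"
    else return 1
    fi
}

# Snapshot the cache (systemd-resolved only), flush it, then report the new size.
flush_dns_cache() {
    state=$(systemctl is-active systemd-resolved 2>/dev/null) || true
    if pgrep -x dnsmasq >/dev/null 2>&1; then dm=yes; else dm=no; fi
    cmd=$(flush_command_for "$state" "$dm") || { echo "no local DNS cache found" >&2; return 0; }
    if [ "$state" = "active" ]; then
        # Keep the cache dump for later review before it is wiped.
        sudo killall -USR1 systemd-resolved && sleep 1
        sudo journalctl -u systemd-resolved > dns-before-flush.txt
    fi
    $cmd || return 1
    [ "$state" = "active" ] || return 0
    size=$(resolvectl statistics | cache_size_from_stats) || return 1
    # A busy host may already have re-cached a few names; report rather than fail.
    echo "cache size after flush: $size"
}

if [ "${1:-}" = "--run" ]; then flush_dns_cache; fi
```

Run the script with --run to perform the flush; without it, the script only defines the functions.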
Of course, if your computer isn’t caching at all, there’s nothing you need to check.
If it is caching DNS requests but everything is working just fine, you can ignore it too. But if you’re experiencing slow or sporadic webpage updates when you’re browsing the web, or seeing the wrong webpages altogether, it’s probably a good time to clear your DNS cache.