323

I just updated the DNS record (ns1, ns2, ns3.myhostingcompany.com) for a site I've got hosted, but I still get the domain registrar parking page.

I'd like to see if the problem is Ubuntu's cached DNS records. Is there a way to clear Ubuntu's DNS cache? (if such a thing exists?)

BuZZ-dEE
  • 14,223
Jono
  • 3,899
  • 1
    Also, check /etc/hosts. I've just been sure that the old IP address of my domain was being cached, but only strace ping example.com revealed that I forgot to remove the /etc/hosts record which I added a time ago because of lacking patience for DNS propagation. – ulidtko Jul 13 '14 at 12:42
  • 2
    A lot of these answers suggest caching is disabled by default, but they also refer to older versions. It certainly appears to be on by default in my machine (18.04) and various answers below do show you how to flush it, just scroll down – Madivad Aug 27 '18 at 05:20

17 Answers

248

Ubuntu 17.04 and higher (18.04)

From Ubuntu 17.04 and onwards, systemd-resolve is used for DNS. You can flush systemd's caches like so:

sudo systemd-resolve --flush-caches

Ubuntu 22.04 and higher

sudo resolvectl flush-caches
Andrew
  • 283
Mike Shultz
  • 2,621
85

For 18.04 and higher

Look at Mike Shultz' answer.

For 11.10 and below

Ubuntu doesn't cache dns records by default so unless you've installed a dns cache there isn't anything to clear.

DNS records are likely cached by your provider's DNS servers so if you want to check if the DNS changes you made were successful you can interrogate a DNS server from your domain hosting service with dig:

dig -t a ns1.myhostingcompany.com @domain_registrar_dns_server

If you want Ubuntu to start caching DNS, I recommend installing pdnsd together with resolvconf. nscd is buggy and not advisable.

brasofilo
  • 192
  • 2
  • 14
Li Lo
  • 15,894
71

12.04

Ubuntu 12.04 uses dnsmasq which is built into network-manager, but it doesn't cache dns so there is no need to flush it. Here is a sample line from my syslog to prove that point:

dnsmasq[2980]: started, version 2.59 cache disabled

There is also no need for any configuration of dnsmasq. If you are running with stock settings it won't be caching dns, as for it to do so you have to explicitly set it up as this Ubuntu article describes.

If you wanted to refresh your settings you could disable and then enable networking or run

sudo service network-manager restart

This restarts dnsmasq because it is built in to network-manager; check your syslog for the evidence for this.

If you are using a wired connection with dhcp network manager will be taking the settings direct from your router and your connection will be automatically established when you login to Ubuntu. You could check that the settings are correct in your router if you can access it via the web interface, and perhaps reboot it if necessary. If it is a general problem with dns, you could try using Google dns instead of your isp dns, and more information on that is detailed here.

66

Note that Ubuntu uses systemd-resolve from 17.04 and onwards so this answer doesn't apply anymore to recent Ubuntu versions. See "flush DNS cache in Ubuntu 17.04 and higher (18.04)"

By default, DNS is not cached in Ubuntu < 17.04 (but it might be cached in the network or application)

To confirm one way or the other whether dnsmasq is caching, run ps ax | grep dnsmasq and look at the running command. Here's a breakdown of my default 13.10 machine:

/usr/sbin/dnsmasq \
  --no-resolv \
  --keep-in-foreground \
  --no-hosts \
  --bind-interfaces \
  --pid-file=/var/run/NetworkManager/dnsmasq.pid \
  --listen-address=127.0.1.1 \
  --conf-file=/var/run/NetworkManager/dnsmasq.conf \
  --cache-size=0 \
  --proxy-dnssec \
  --enable-dbus=org.freedesktop.NetworkManager.dnsmasq \
  --conf-dir=/etc/NetworkManager/dnsmasq.d

/etc/NetworkManager/dnsmasq.d is empty by default. So there aren't any overrides coming in there and just to check --cache-size=0 means what we think it means (instead of an unlimited cache), man dnsmasq shows:

-c, --cache-size=<cachesize>
  Set the size of dnsmasq's cache. The default is 150 names. 
  Setting the cache size to zero disables caching.

So while dnsmasq can cache DNS, it isn't caching out of the box. You can check your machine and various configuration directories to check you're on the same page.

If you are seeing cache issues, this is likely happening in one of a few places:

  • Upstream from your computer. Some routers cache. Many corporate networks will cache DNS. Many ISP-run DNS servers will use their own caches. The only way to guarantee against a network cache is to use a cache you can manually refresh. This is why I like OpenDNS.
  • In the client application (notably browsers). Applications can do all sorts of their own caching that Ubuntu has no effect on. How Firefox caches DNS. How to clear Chrome's DNS cache. Other browsers (and applications) might have their own mechanisms.
  • I'm scraping the barrel here but perhaps you've installed a non-standard DNS server in Ubuntu instead of turning caching on in dnsmasq. There are many: nscd, DJBDNS dnscache (aka TinyDNS), pdns, pdnsd, Bind9 (and its variants), and more I can't even remember. These will probably be evidenced in /etc/resolv.conf (with config in /etc/resolvconf/ to autogen that file). The following shows a locally intercepted DNS query:

    $ nslookup askubuntu.com
    Server:     127.0.1.1
    Address:    127.0.1.1#53
    
    Non-authoritative answer:
    Name:   askubuntu.com
    Address: 198.252.206.24
    

    If you're not hitting 8.8.8.8 (or whatever you expect your DNS server to be), check what you are hitting instead. In my case I can see this is just dnsmasq set up to mirror DNS queries back for LXC, but in your case it might be doing bad cachey things.

    If you have one of the listed caches, the process for clearing each varies:

    sudo /etc/init.d/nscd reload    # nscd
    sudo /etc/init.d/named restart  # bind9
    

On a slightly related note, see this to enable caching in dnsmasq.

Merlijn Sebrechts
  • 7,394
  • 1
  • 42
  • 70
Oli
  • 293,335
  • 1
    My output from ps aux|grep is the same as yours, yet something definitely IS caching DNSs on my machine. If it's not dnsmasq it's something else. Proof: I created a subdomain on my server, yet I could not ping it, host unreachable. I checked at downforeveryoneorjustme.com and it was up, so propagation issue discarded. Not my router, nor my ISP, because I use Google's DNS's 8.8.8.8. Then I rebooted the computer (and NOT the router) and I could reach the domain. I had been retrying a dozen times before reboot with no luck. First try after reboot reached the host. – matteo Mar 17 '14 at 18:00
  • And this was not the first time I experienced the same thing, by the way. Months ago the same happened and the only way I could reach the domain was restarting the computer, but then I had an older Ubuntu version. – matteo Mar 17 '14 at 18:01
  • @matteo The browser? – Oli Mar 17 '14 at 19:00
  • no, as I said I tested with ping, not (only) the browser(s). – matteo Mar 17 '14 at 23:17
  • @matteo I've added more but I'm running out of ideas. There just aren't that many more places somebody could cache DNS :) – Oli Mar 18 '14 at 00:18
  • This is incredibly strange. 100% reproducible: (1) create a new alias test.mydomain.com for my domain on the server, (2) try to ping it => works immediately. (3) try to ping a nonexistent test2.mydomain.com (4) create it (5) ping it again => works immediately. (5) try to visit a nonexistent test3.mydomain.com with Google Chrome (6) create it on the server (7) try to visit it again => won't work (8) try to ping it => won't work. – matteo Mar 23 '14 at 17:32
  • This means that Google Chrome is triggering some sort of dns caching that goes beyond Google Chrome itself and persists system-wide. Even after clearing Chrome's dns cache, the domain still won't be reachable – matteo Mar 23 '14 at 17:33
  • WOW, I have sniffed packets with WireShark and indeed the 8.8.8.8 and 8.8.4.4 dns servers are being queried each time! So this actually IS happening upstream. The tremendously funny thing is that rebooting the computer systematically triggers the update. It's like 8.8.8.8 responds in a different way after a reboot of my computer. Unbelievable. – matteo Mar 23 '14 at 17:50
  • Oh, I guess that's because after reboot the first thing I did was test with Google Chrome itself. Being both the browser and the DNS under the control of Google, Google Chrome probably queries Google's DNS in such a way the first time that the response is cached on the DNS's side; and it probably queries the DNS in a somewhat different way after a reboot, forcing Google's DNS to update the record or something like that. Still funny. – matteo Mar 23 '14 at 17:57
  • Doing an nslookup somehost returns a local IP even though I've physically removed that host from my system. If there's no caching going on, then why does nslookup retrieve an obsolete IP? – Cerin Jun 30 '16 at 06:19
  • @Oli I am using pi-hole which uses dnsmasq, I'm 100% sure that my DNS requests are cached, I checked with dig and response time drops from ~150ms to 0ms on second tries and my dns cache size is 10000. So my question is, how do I actually reset dnsmasq's cache? Thanks very much. – Shayan Sep 01 '19 at 12:17
40

For 12.04:

Ubuntu 12.04 does cache DNS using dnsmasq (see man dnsmasq). Use the following to clear the cache:

sudo kill -HUP $(pgrep dnsmasq)
zechariah
  • 560
  • 5
  • 4
18

For ubuntu 22.04:

sudo resolvectl flush-caches

17

sudo /etc/init.d/nscd restart

http://www.ubuntugeek.com/howto-clearflush-dns-cache-in-ubuntu.html

Also as a note you can check and see if your DNS changes have propagated using dig and looking up against someone else other than your default DNS servers. In this case google DNS.

dig @8.8.8.8 example.com

11

Personally, I'd use OpenDNS and use their Cache Check function to force a refresh just to make sure the changes work but you can't guarantee they'll refresh for your users within 48 hours.

DNS is a slow beast. Patience will keep you sane.

Oli
  • 293,335
  • +1 I use OpenDNS as well clear cache is very useful. – Mark Davidson Aug 13 '10 at 21:38
  • I'm suspicious of OpenDNS. I was happy with it at first, but then I started getting suspicious; though I guess if it's a choice between ISP and OpenDNS, I'm better off with OpenDNS, right? – Jono Aug 15 '10 at 20:23
  • 2
    I'd say OpenDNS is the lesser evil. They'd like to monetise your traffic but only on bad domain hits. – Oli Aug 15 '10 at 22:35
  • @Oli The link is down. If you still use it could you please update the links? – Shayan Sep 01 '19 at 12:46
7

If you are using nscd:

sudo /etc/init.d/nscd restart

It's worth mentioning that it might not be the OS that is caching it. Everyone likes to cache DNS... Some tests:

Check to see if it's the new or old IP. Most browsers cache DNS as well, so if you haven't restarted Chromium or whatever you might not be seeing the latest.

ping yourdomain.com

Switch your local nameserver in the /etc/resolv.conf to another provider, google or level , examples:

nameserver 8.8.8.8
nameserver 4.2.2.2

And then ping again.

Check to make sure your router isn't caching DNS in any form. (Varies by router/firmware/etc)

Finally, patience. DNS can take a bit of time to propagate throughout the internet.

5

Ping uses another DNS

Seems that Ubuntu 20.10 has two (2) DNS caches:

  1. systemd-resolve
  2. nscd

Flushing the DNS cache with the following command didn't work for me:

sudo systemd-resolve --flush-caches

After disabling/enabling the network and the Wi-Fi connection, or rebooting the system, the problem was still there:

  • nslookup, dig and other commands work
  • ping doesn't work

All the system configuration was OK, but some addresses seemed to be fixed somewhere.

After searching on different sites I found the problem: there was another DNS cache and ping seems to use that.

To clear the second DNS cache just run:

sudo nscd -i hosts

Flush BOTH DNS caches

You can do it all together; just copy and paste into a terminal:

sudo systemd-resolve --flush-caches
sudo nscd -i hosts

Checking DNS cleared

Not sure if this works? Just take a look:

sudo systemd-resolve --statistics
sudo nscd -g
PabloRQ
  • 179
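
The symptom in this answer, where dig and nslookup return the new address while ping keeps the old one, can be narrowed down by comparing the two resolution paths and checking /etc/hosts (the cause reported in a comment under the question). The script below is an added example, not part of the original answer; the function names and the sample hosts file are constructed for illustration.

```shell
#!/bin/sh
# ping resolves names through the C library's NSS path (what getent shows):
# /etc/hosts, nscd if it is running, and DNS. dig and nslookup skip that
# path and query a DNS server directly, so the two views can disagree.

# hosts_override FILE NAME: print each address that FILE (hosts(5) format)
# pins NAME to. Exit status 0 if a mapping exists, 1 if not.
hosts_override() {
    awk -v want="$2" '
        BEGIN { want = tolower(want); found = 0 }
        {
            sub(/#.*/, "")                    # drop comments
            for (i = 2; i <= NF; i++)         # field 1 is the address
                if (tolower($i) == want) { print $1; found = 1 }
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# classify NSS_ADDR DNS_ADDR HOSTS_ADDR: name the layer behind the NSS answer.
classify() {
    if [ -n "$3" ] && [ "$1" = "$3" ]; then
        echo "hosts-file"      # remove the stale line from /etc/hosts
    elif [ "$1" = "$2" ]; then
        echo "consistent"      # NSS and DNS agree; look upstream instead
    else
        echo "nss-cache"       # e.g. nscd: sudo nscd -i hosts
    fi
}

# check_name NAME [HOSTS_FILE]: live check, needs getent and dig. Compares
# only the first address, so round-robin names can show a false mismatch.
check_name() {
    nss=$(getent ahostsv4 "$1" | awk 'NR == 1 { print $1 }')
    dns=$(dig +short A "$1" | grep -E '^[0-9.]+$' | head -n 1)
    pinned=$(hosts_override "${2:-/etc/hosts}" "$1" | head -n 1)
    echo "$1 nss=$nss dns=$dns hosts=$pinned: $(classify "$nss" "$dns" "$pinned")"
}

# Constructed sample hosts file (documentation addresses, not real hosts).
sample_hosts() {
    cat <<'EOF'
127.0.0.1    localhost
# 198.51.100.7 old.example.com
203.0.113.10 example.com www.example.com   # added while waiting for DNS
EOF
}
```

On a live system, `check_name yourdomain.com` prints both views and the layer to look at first.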
5

All the answers above forgot one important thing about name resolution: generally the DNS server you send the name resolution request to is not the one holding the records themselves (the authoritative server). Each DNS record comes with a Time To Live value, which will oblige each DNS server in the resolution chain to cache it for the number of seconds given by this value. So not only can you cache on your machine, but CERTAINLY the result of the name lookup will be cached somewhere on a server you don't control.

The only solution to be immediately notified of a name record change is to use a TTL value of 0 when creating / updating the entry in the authoritative name server. But this means that for each name resolution, the server will be hit; usually this is not allowed by the registrars. For instance, they can provide a list of pre-defined TTL values you can choose from.

I manage different domain names and to be sure that the changes are well applied in the authoritative name servers, I'm using a tool called dnstracer that can show the lookup result on each server from the DNS root.

In conclusion, even without any DNS caching solution in place, there will still be a delay between the moment you change the DNS records and the moment the change is seen on a PC. This delay greatly depends on the TTL of the records and on the number of DNS servers between your PC and the authoritative name server.

Benoit
  • 7,567
  • 1
  • 25
  • 34
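
The TTL behaviour described in this answer can be read straight out of dig: a caching resolver reports the remaining TTL of its cached copy, so comparing its answer with the authoritative one shows whether the change has arrived and how long the old data will live. The script below is an added example, not part of the original answer; it also covers cached negative answers (a name queried before it existed), which goes beyond the text. The function names and sample records are constructed.

```shell
#!/bin/sh
# Input to both helpers: `dig +noall +answer +authority` output on stdin.
# addrs: print the A record addresses, sorted.
addrs() { awk '$3 == "IN" && $4 == "A" { print $5 }' | sort; }

# max_ttl TYPE: largest TTL among records of TYPE (0 if there are none).
max_ttl() {
    awk -v t="$1" 'BEGIN { m = 0 }
        $3 == "IN" && $4 == t && $2 + 0 > m { m = $2 + 0 }
        END { print m }'
}

# propagation_state AUTH_OUTPUT RESOLVER_OUTPUT
# A caching resolver counts the TTL down, so the TTL it reports is the time
# left before it asks the authoritative server again.
propagation_state() {
    auth=$(printf '%s\n' "$1" | addrs)
    seen=$(printf '%s\n' "$2" | addrs)
    if [ -z "$auth" ]; then
        echo "no authoritative A record"
    elif [ "$auth" = "$seen" ]; then
        echo "propagated"
    elif [ -z "$seen" ]; then
        # No A record: the resolver cached "does not exist"; the SOA record
        # in the authority section carries the remaining negative-cache TTL.
        echo "negative answer cached, $(printf '%s\n' "$2" | max_ttl SOA)s left"
    else
        echo "old record cached, $(printf '%s\n' "$2" | max_ttl A)s left"
    fi
}

# Live use (needs network; host names are the question's placeholders):
#   auth=$(dig +norecurse +noall +answer A example.com @ns1.myhostingcompany.com)
#   mine=$(dig +noall +answer +authority A example.com)
#   propagation_state "$auth" "$mine"

# Constructed sample outputs (documentation addresses, made-up TTLs).
SAMPLE_AUTH='example.com. 300 IN A 203.0.113.10'
SAMPLE_OLD='example.com. 2817 IN A 198.51.100.7'
SAMPLE_NEG='example.com. 1784 IN SOA ns1.myhostingcompany.com. hostmaster.example.com. 2024010101 7200 3600 1209600 3600'
```

Resolvers that run several cache instances behind one address can report different remaining TTLs from one query to the next, so treat the number as an estimate.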
2

I used the following command to flush the dns cache on my 12.10 ubuntu box and it worked fantastic.

sudo kill -HUP $(pgrep dnsmasq)

Another helpful signal is SIGUSR1, which dumps a few statistics to syslog, or, as noted in man dnsmasq:

In --no-daemon mode or when full logging is enabled (-q), a complete dump of the contents of the cache is made.

Eric Carvalho
  • 54,385
j0inty
  • 31
2

For Ubuntu 14.04, I recommend this command:

sudo service dns-clean
alphayax
  • 121
1

On Ubuntu 16.04, I couldn't get the cache to clear unless I did:

sudo service dnsmasq restart
Volomike
  • 2,283
  • Just broke my DNS completely: DNS_PROBE_FINISHED_BAD_CONFIG, can't visit any website. Restarting my computer fixed it though and DNS is refreshed. – Philip Rego May 01 '20 at 17:03
  • @PhilipRego a non sequitur. A bad DNS config has nothing to do with a restarted DNS service being the cause. It has to do with a bad DNS config. Restarting your computer may have fixed the issue -- but there might be something else at play, such as your DNS may have already been loaded once and was jammed, file corruption on a process file, or some other factor. – Volomike May 01 '20 at 17:26
1

Or even

If using bind9-based utilities:

rndc flush

or, depending on your infrastructure

sudo rndc flush

But in your host and/or your local domain name server...

0

For those using Ubuntu via Windows Subsystem for Linux (WSL2), it's useful to know that DNS caching is handled on the Windows (host) side.

Thus, the cache can be cleared with: ipconfig.exe /flushdns

Damien
  • 101
0

I also found contradictions, but this: https://superuser.com/a/521562 works for me (Ubuntu 13.10 with latest updates, no special network packages installed).

In short, just use this:

sudo /etc/init.d/dns-clean

Nitz
  • 125
  • 1
  • 5