A DNS cache is a type of temporary database containing information about recent visits to domains on the Internet, including websites. Another term for DNS cache is DNS resolver cache. The operating system maintains the DNS cache.
What is the Purpose of the DNS Server and the DNS Cache?
DNS contains a record of all public web addresses, along with their IP address mapping. On accessing a particular web address, the browser initiates a request to resolve the Internet name of the requested resource and retrieve the corresponding IP address.
When the website name is converted to its IP address during a host name resolution by the DNS server, the requested resource is made available to the user. The DNS cache tries to first resolve the host name into the IP address without making a trip to the server. When the required entry exists in the DNS cache, the device achieves time savings and higher efficiency while eliminating traffic loads from unnecessary requests to the DNS server.
How Do DNS Caches Work?
The operating system of a device connected to the Internet first looks for the IP address of the requested host name in its DNS cache database records. The temporary memory of a computer system contains the DNS cache. The DNS cache updates itself to reflect the most recently visited domains along with their IP addresses retrieved from the DNS server at the time of the request.
To view the content of the DNS cache, type the following command in the Windows command prompt:
> ipconfig /displaydns
The above command displays the record name with the host name and corresponding IP address, in addition to several other parameters such as time to live (TTL), data length, and record type. The DNS stores detailed information including the requested URL together with related URLs that point to the web page.
What is DNS Cache Poisoning?
Unauthorized domain names and IP addresses pollute or poison a DNS cache. Computer viruses are the most common cause of DNS cache corruption, although technical glitches or user error might also lead to unintended information in the DNS cache record set. DNS cache poisoning happens in real time due to network attacks that attempt to populate the database with invalid entries. These network attacks are driven by malicious intent for request redirection to wrong or illegitimate websites.
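The cache listing and the poisoning risk described above can be checked together. The following Python is an added example, not part of the original page: it parses ipconfig /displaydns output and flags cached addresses that differ from a known-good mapping. The sample output, the EXPECTED table and the function names are constructed for illustration, and English field labels are assumed.

```python
import re

# Constructed sample of `ipconfig /displaydns` output (not captured from a real host).
SAMPLE_OUTPUT = """\
    intranet.example.com
    ----------------------------------------
    Record Name . . . . . : intranet.example.com
    Record Type . . . . . : 1
    Time To Live  . . . . : 86
    Data Length . . . . . : 4
    A (Host) Record . . . : 192.0.2.10

    mail.example.com
    ----------------------------------------
    Record Name . . . . . : mail.example.com
    Record Type . . . . . : 1
    Time To Live  . . . . : 604800
    Data Length . . . . . : 4
    A (Host) Record . . . : 203.0.113.66
"""

# Hypothetical known-good mapping maintained by the administrator (assumption).
EXPECTED = {"intranet.example.com": {"192.0.2.10"}, "mail.example.com": {"198.51.100.25"}}
# "Label . . . : value" lines; the dotted padding is dropped from the label.
FIELD = re.compile(r"^\s*(.+?)[\s.]*:\s*(.+?)\s*$")

def parse_displaydns(text):
    """Return one dict per cached record block, keyed by field label."""
    records, current = [], None
    for line in text.splitlines():
        m = FIELD.match(line)
        if m and m.group(1) == "Record Name":
            current = {"name": m.group(2).lower()}
            records.append(current)
        elif m and current is not None:
            current[m.group(1)] = m.group(2)
    return records

def find_mismatches(records, expected):
    """Return (name, cached address, TTL) for addresses outside the expected set."""
    hits = []
    for r in records:
        addr = r.get("A (Host) Record") or r.get("AAAA Record")
        allowed = expected.get(r["name"])
        if addr and allowed is not None and addr not in allowed:
            hits.append((r["name"], addr, int(r.get("Time To Live", 0))))
    return hits
```

A flagged entry is a reason to flush the cache and check the resolver path rather than proof of poisoning, because addresses also change legitimately.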
What Happens when you Flush a DNS Cache?
The most efficient way to resolve any suspected attempt to poison a DNS cache is the Flush DNS cache function. On a Windows-based system, a computer administrator clears, resets or erases the contents of the DNS cache with the ipconfig tool, as indicated below:
> ipconfig /flushdns
On Mac systems, with 10.5 or a higher version, the following command is employed:
The command for flushing the DNS cache on Linux-based systems is: