How DNS Cache Works

What is DNS?

The Domain Name System (DNS) is an Internet service that is responsible for translating a Fully Qualified Domain Name (FQDN), like website addresses, into an IP address. Without a working DNS configuration, computers wouldn’t be able to communicate with each other, let alone allow their users to connect to the Internet, browse websites, and access cloud applications.

The following picture displays the DNS lookup process that a computer executes before performing an HTTP request. The web browser requests the operating system to run a DNS query against a configured public DNS server.

DNS query

What is the DNS cache?

A local DNS cache temporarily stores the results of DNS queries for recently browsed websites, or other FQDNs, in a local file for faster retrieval.

DNS cache

Since DNS records are rarely updated, some operating systems (like Windows and Mac OS X) have, by default, enabled DNS caching with the goal of increasing Internet browsing speed by removing the DNS resolution lookups of recently accessed websites.

DNS resolution and end-user experience

DNS resolution impacts the end-user experience of web and SaaS applications. I configured a set of DNS performance monitoring tests on a NetBeez demo dashboard. I then generated a historical report and discovered that the baseline for DNS lookup is around 50 milliseconds, with peaks between 150 and 200 milliseconds. Below you can see the performance timeline for one day.

DNS performance

Such an amount of time may not sound like a lot. However, consider that, on average, a webpage may have 85 different elements. Each of those elements requires a DNS query. As a result, DNS requests add up and impact the page loading time and, with it, the end-user experience.

HTTP performance with DNS caching

Does enabling the DNS Cache really reduce page loading time? I enabled DNS caching on a Linux-based NetBeez virtual agent that is monitoring some websites, such as YouTube, Google, and Salesforce. As you can see from the below historical plot of an HTTP test to YouTube, the actual HTTP GET time decreased as soon as I enabled DNS caching (around 14:00).

HTTP performance

In the following real-time graph you can see that the one-day average, represented in this chart by the horizontal blue line, has a reported value of 0.086 seconds. This average is way higher than 0.05 seconds, which is the value of most of the HTTP test results with DNS caching enabled.

HTTP performance in NetBeez

Clearly, DNS caching is something that network engineers and administrators have to keep in mind when troubleshooting network and application problems. In the next sections of this article, we’ll see how to inspect and clear DNS cache on three of the most popular operating systems.

How to inspect the DNS cache

In some situations it may be necessary to verify that a DNS query is using the correct cached entry.

How to inspect the DNS cache on Windows

In Windows, you can inspect the content of the local DNS cache file by executing the Windows IP configuration command:

ipconfig /displaydns

The output reports something like the following screenshot:

Checking DNS in Windows

How to inspect the DNS cache on Mac OS X

Inspecting the DNS cache on Mac OS X is a little trickier than on Windows. If you have a Mac OS X system with Sierra (10.12) or a later version, open the Console application. If you are unable to locate it, type console in Spotlight. Once the Console application appears, type ‘mdnsresponder’ in the top right filter bar of the Console window as shown in the screenshot below.

DNS responder

After that, open a new Terminal window (search again with Spotlight) and type in the command prompt:

sudo killall -INFO mDNSResponder

How to inspect the DNS cache on Linux

Not all Linux distributions have DNS caching installed or enabled by default. If you want to install a DNS caching application on your host, search for and install the nscd package. In Linux, the process is a little trickier because the DNS cache content is stored in binary format. To inspect high-level statistics about the cache, type the following command at a command prompt:

sudo nscd -g

The truncated output below shows the information provided by the command:

hosts cache:

yes cache is enabled
yes cache is persistent
yes cache is shared
211 suggested size
216064 total data pool size
18616 used data pool size
3600 seconds time to live for positive entries
20 seconds time to live for negative entries
322 cache hits on positive entries
0 cache hits on negative entries
849 cache misses on positive entries
1806 cache misses on negative entries
10% cache hit rate
144 current number of cached values
150 maximum number of cached values
5 maximum chain length searched
0 number of delays on rdlock
0 number of delays on wrlock
0 memory allocations failed
yes check /etc/hosts for changes
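
The counters above can be turned into a quick check. The following is an added example, not part of the original article: it reads `nscd -g` output on stdin, isolates the hosts section, and recomputes the hit rate from the four hit/miss counters. The function names, the key=value output format and the constructed passwd section are assumptions of this example.

```shell
# Added example: summarise the "hosts cache:" section of `nscd -g` output (stdin).
nscd_hosts_summary() {
    awk '
        /^[a-z]+ cache:/ { in_hosts = ($1 == "hosts"); next }  # section header
        !in_hosts || NF < 2 { next }                           # other sections, blank lines
        {
            value = $1
            $1 = ""; sub(/^ +/, "")     # remainder of the line is the description
            stat[$0] = value
        }
        END {
            hits   = stat["cache hits on positive entries"] + stat["cache hits on negative entries"]
            misses = stat["cache misses on positive entries"] + stat["cache misses on negative entries"]
            total  = hits + misses
            printf "enabled=%s\n",        stat["cache is enabled"]
            printf "persistent=%s\n",     stat["cache is persistent"]
            printf "positive_ttl_s=%d\n", stat["seconds time to live for positive entries"]
            printf "negative_ttl_s=%d\n", stat["seconds time to live for negative entries"]
            printf "lookups=%d\n",        total
            printf "hit_rate_pct=%d\n",   (total ? int(100 * hits / total) : 0)
        }
    '
}

# Constructed input: an unrelated section, then the hosts counters quoted in the article.
sample_nscd_output() {
    cat <<'EOF'
passwd cache:
            yes  cache is enabled
              5  cache hits on positive entries
              1  cache misses on positive entries

hosts cache:
            yes  cache is enabled
            yes  cache is persistent
           3600  seconds time to live for positive entries
             20  seconds time to live for negative entries
            322  cache hits on positive entries
              0  cache hits on negative entries
            849  cache misses on positive entries
           1806  cache misses on negative entries
            10%  cache hit rate
EOF
}

sample_nscd_output | nscd_hosts_summary
```

On a live host, pipe `sudo nscd -g` into `nscd_hosts_summary`; `positive_ttl_s` is the configured lifetime for successful lookups, which is the window in which a stale or poisoned entry can keep being served. Where `persistent=yes`, nscd.conf(5) describes the cache as kept across server restarts, so `sudo nscd -i hosts` is the explicit way to invalidate the hosts table.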

If you have a Debian or Ubuntu system, the DNS cache file is stored in the directory /var/cache/nscd. The DNS records are stored in the /var/cache/nscd/hosts file. To get a sense of the DNS entries cached, type:

sudo strings /var/cache/nscd/hosts

As you’ll see in the next section, in some situations it may be necessary to clear the DNS cache. This may be due to an updated DNS entry, or to troubleshoot a network connectivity problem happening on a user PC.

How to clear the DNS cache

When troubleshooting network problems, or dealing with suspected DNS poisoning, it may be necessary to flush the DNS cache. This happens when DNS entries change but a computer’s DNS cache is still using the old entry. Windows, for example, stores successful DNS entries for 24 hours and failed ones for five minutes. Sometimes this can be a problem.

Clearing DNS cache on Windows

To clear the cache on Windows, open a command prompt and type the following command:

ipconfig /flushdns

Clearing DNS cache on Mac OS

To clear the cache on Mac OS X with Sierra (10.12), open a terminal and type the following command:

sudo killall -HUP mDNSResponder; sudo killall mDNSResponderHelper; sudo dscacheutil -flushcache

Clearing DNS cache on Linux

Open a terminal and restart the nscd process with the following commands:

/etc/init.d/nscd stop

/etc/init.d/nscd start

Conclusion

The Domain Name System (DNS) is a crucial Internet service responsible for translating website addresses into IP addresses. A local DNS cache enhances browsing speed by storing recent query results for fast retrieval. Sometimes network engineers and administrators troubleshooting network and application issues need to inspect or clear its entries. In this article, we offered detailed instructions for the most popular operating systems. Request a NetBeez demo if you wish to learn more about monitoring and troubleshooting DNS performance from the end-user perspective.
