What is DNS cache and how does it work?
About DNS and DNS Caching
The Domain Name Service (DNS) is an Internet service that is responsible for translating Fully Qualified Domain Names (FQDN), like website addresses, into IP addresses. Without a working DNS configuration, computers wouldn’t be able to communicate with each other, let alone allow their users to connect to the Internet, browse websites, and access cloud applications.
A DNS Cache works by temporarily storing the results of recently browsed websites’ DNS queries, or other FQDNs, on a local file for faster retrieval.
Since DNS records are rarely updated, some operating systems (like Windows and Mac OS X) have, by default, enabled DNS caching with the goal of increasing Internet browsing speed by removing the DNS resolution lookups of recently accessed websites.
But how much does DNS caching really improve things?
I have configured some DNS performance monitoring tests on our NetBeez demo dashboard, as shown below. Upon generating this historical report, I found that a baseline for DNS lookup is around 50 milliseconds, with peaks between 150 and 200 milliseconds. Below you can see the performance timeline for one day.
That may not sound like a lot of time, but if you consider that the median number of resources per web page is 85, then you can see how DNS requests add up and impact the page loading time and, consequently, end-user experience.
DNS Cache and end-user experience
Does enabling the DNS Cache really reduce page loading time? I enabled DNS caching on a Linux-based NetBeez virtual agent that is monitoring some websites, such as YouTube, Google, and Salesforce. As you can see from the below historical plot of an HTTP test to YouTube, the actual HTTP GET time decreased as soon as I enabled DNS caching (around 14:00).
In the following real-time graph you can see that the one-day average, represented in this chart by the horizontal blue line, has a reported value of 0.086 seconds. This average is well above 0.05 seconds, which is the value of most of the HTTP test results with DNS caching enabled.
Clearly, DNS caching is something that network engineers and administrators have to keep in mind when troubleshooting network and application problems. In the next sections of this article, we’ll see how to inspect and clear the DNS cache on three of the most popular operating systems.
How to inspect the DNS cache on Windows, Mac OS X, and Linux
In Windows, you can inspect the contents of the cache by typing ipconfig /displaydns at a command prompt.
In Mac OS X, inspecting the DNS cache is a little trickier than in Windows. If you have a Mac OS X system with Sierra (10.12), you’ll have to open the Console application (just search with Spotlight) and type ‘mdnsresponder’ in the top right filter bar of the Console window. After that, open a new Terminal window (search again with Spotlight) and type “sudo killall -INFO mDNSResponder” at the command prompt.
Not all Linux distributions have DNS caching installed or enabled by default. If you want to install a DNS caching application on your host, just search for and install the nscd package. In Linux, the process is a little trickier because the DNS cache content is stored in binary format. If you want to inspect high-level statistics about cached files, just type the following command at a command prompt:
sudo nscd -g
The truncated output below shows the information provided by the command:
yes cache is enabled
yes cache is persistent
yes cache is shared
211 suggested size
216064 total data pool size
18616 used data pool size
3600 seconds time to live for positive entries
20 seconds time to live for negative entries
322 cache hits on positive entries
0 cache hits on negative entries
849 cache misses on positive entries
1806 cache misses on negative entries
10% cache hit rate
144 current number of cached values
150 maximum number of cached values
5 maximum chain length searched
0 number of delays on rdlock
0 number of delays on wrlock
0 memory allocations failed
yes check /etc/hosts for changes
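The statistics above can be summarised with a short script. This is an added example, not part of the original article: it parses `nscd -g` output and recomputes the hit rate from the hit and miss counters, which reproduces the 10% figure shown. The function names, the embedded sample (a subset of the lines quoted above) and the handling of section header lines are assumptions made for this example.

```shell
#!/bin/sh
# Added example: summarise one cache section of `nscd -g` output.

# Constructed sample: a subset of the hosts-cache lines quoted in the article.
sample_stats() {
cat <<'EOF'
            yes  cache is enabled
           3600  seconds time to live for positive entries
             20  seconds time to live for negative entries
            322  cache hits on positive entries
              0  cache hits on negative entries
            849  cache misses on positive entries
           1806  cache misses on negative entries
            144  current number of cached values
            150  maximum number of cached values
EOF
}

# Usage: nscd_summary [section] < stats   (section defaults to "hosts").
# Assumption: untruncated output labels each section with a line such as
# "hosts cache:"; input without any header is treated as the wanted section.
nscd_summary() {
  awk -v want="${1:-hosts}" '
    NF == 0 { next }                      # skip blank lines
    /:$/    { section = $1; next }        # section header, e.g. "hosts cache:"
    section == "" || section == want {
      # first field is the value, the rest of the line is its description
      val = $1; $1 = ""; sub(/^ +/, ""); f[$0] = val
    }
    END {
      hits = f["cache hits on positive entries"] + f["cache hits on negative entries"]
      miss = f["cache misses on positive entries"] + f["cache misses on negative entries"]
      total = hits + miss
      rate = (total > 0) ? int(hits * 100 / total) : 0
      printf "enabled=%s hit_rate=%d%% positive_ttl=%s negative_ttl=%s cached=%s/%s\n",
        f["cache is enabled"], rate,
        f["seconds time to live for positive entries"],
        f["seconds time to live for negative entries"],
        f["current number of cached values"], f["maximum number of cached values"]
    }'
}

sample_stats | nscd_summary hosts
```

On a live host the same function can be fed with `sudo nscd -g | nscd_summary hosts`; the two TTL values are the configured lifetimes of positive and negative entries shown in the output above.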
If you have a Debian or Ubuntu system, the DNS cache file is stored in the directory /var/cache/nscd. The DNS records are stored in the /var/cache/nscd/hosts file. If you want to have a sense of DNS entries cached, just type:
sudo strings /var/cache/nscd/hosts
As you’ll see in the next section, in some situations it may be necessary to clear the DNS cache. This may be due to an updated DNS entry, or to troubleshoot a network connectivity problem happening on a user PC.
How to clear the DNS cache in Windows, Mac OS X, and Linux
When troubleshooting network problems, or dealing with suspected DNS poisoning, it may be necessary to flush the DNS cache. This is the case when a DNS entry was changed but the computer’s DNS cache is still using stale information. In Windows, for example, successful DNS entries are cached for one day, while failed ones are cached for only five minutes. Sometimes this can be a problem.
To clear the cache on Windows, open a command prompt and type the following command:
To clear the cache on Mac OS X with Sierra (10.12), open a terminal and type the following command:
sudo killall -HUP mDNSResponder; sudo killall mDNSResponderHelper; sudo dscacheutil -flushcache
Open a terminal and restart the nscd process with the following commands:
I hope this article was helpful to learn more about DNS caching and how to deal with it when troubleshooting network problems. If you have any feedback or a contribution to make to the discussion, please use the comments section.