What is a DNS Cache?


A DNS cache (sometimes called a DNS resolver cache) is a temporary database, maintained by a computer's operating system, that contains records of all recent visits and attempted visits to Web sites and other Internet domains.

The Purpose of DNS Caches

The Internet relies on the Domain Name System (DNS) to maintain an index of all public Web sites and their corresponding IP addresses. Every time a user visits a Web site by its name (such as "wireless.about.com"), the user's Web browser initiates a request out to the Internet, but this request cannot be completed until the Web site name is converted into an IP address.

That conversion process - called name resolution - is the job of DNS, and it takes time. A DNS cache attempts to speed up the process by resolving the name locally, from previously stored results, before the request is sent out to the Internet.

How DNS Caches Work

Before a browser issues its requests to the outside network, the computer's operating system intercepts each one and looks up the domain name in the DNS cache database. The database, stored in the computer's temporary memory, contains a list of all recently accessed Internet domain names and the addresses that DNS returned for them the first time a request was made for them.

The contents of a local DNS cache can be viewed on Windows using the command

ipconfig /displaydns

An example entry from the cache looks like this:

Record Name . . . . . : adchoices-icon-cde-196869106.us-east-1.elb.amazonaws.com
Record Type . . . . . : 1
Time to Live . . . . : 24
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . :

In DNS, the "A" record is the portion of the DNS entry that contains the IP address for the given host name. The DNS cache stores this address, the requested Web site name, and several other parameters from the host DNS entry as shown. This example also illustrates that the DNS cache stores results not only for the host name in the one URL that a user specifies in their initial request, but also for the host names of all the other related URLs that make up that Web page (including third-party advertising elements).

DNS Cache Poisoning

A DNS cache becomes poisoned (sometimes also called "polluted") when unauthorized domain names or IP addresses are inserted into it. Occasionally a cache may become corrupted due to technical glitches or administrative accidents, but DNS cache poisoning is typically associated with computer viruses or other network attacks that insert invalid DNS entries into the cache. This poisoning causes client requests to be redirected to the wrong destinations, usually malicious Web sites.
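One way to check a cache for entries that point at unexpected destinations, as an added example that is not part of the original article: the Python below parses text in the ipconfig /displaydns layout shown earlier and reports A records for pinned host names whose address falls outside the networks you expect. The sample output, the host names and the EXPECTED pin list are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in the `ipconfig /displaydns` layout (trimmed, not real data).
SAMPLE = """\
    intranet.example.test
    ----------------------------------------
    Record Name . . . . . : intranet.example.test
    Record Type . . . . . : 1
    Time To Live  . . . . : 24
    Section . . . . . . . : Answer
    A (Host) Record . . . : 203.0.113.66

    Record Name . . . . . : cdn.example.test
    Record Type . . . . . : 1
    Time To Live  . . . . : 300
    Section . . . . . . . : Answer
    A (Host) Record . . . : 198.51.100.7
"""

# Hypothetical pin list: host names to watch and the networks they must resolve into.
EXPECTED = {"intranet.example.test": ["10.0.0.0/8"],
            "cdn.example.test": ["198.51.100.0/24"]}

# "Field name . . . : value" lines; headers and separator lines do not match.
FIELD = re.compile(r"^\s*([A-Za-z() ]+?)[ .]*:\s*(.*)$")

def parse_displaydns(text):
    """Return one dict per cached record, keyed by lower-cased field name."""
    records, cur = [], None
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:
            continue
        key, value = m.group(1).strip().lower(), m.group(2).strip()
        if key == "record name":          # every record starts with this field
            cur = {"name": value.lower()}
            records.append(cur)
        elif cur is not None:
            cur[key] = value
    return records

def suspicious(records, expected):
    """(name, address) pairs for pinned names resolving outside their networks."""
    hits = []
    for r in records:
        addr, nets = r.get("a (host) record"), expected.get(r["name"])
        if addr and nets and not any(
                ipaddress.ip_address(addr) in ipaddress.ip_network(n) for n in nets):
            hits.append((r["name"], addr))
    return hits
```

Records with an empty A value and names that are not in the pin list are skipped rather than reported, so the result only contains entries that contradict an explicit expectation.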

Flushing a DNS Cache

When troubleshooting cache poisoning or other Internet connectivity issues, a computer administrator may wish to flush (meaning clear, reset, or erase) a DNS cache. In Microsoft Windows, flush a DNS cache using the ipconfig tool as follows:

ipconfig /flushdns

Other operating systems also provide command line options to flush a DNS cache:

dscacheutil -flushcache (on Mac OS X 10.5 and newer)
/etc/rc.d/init.d/nscd restart (on Linux)
