Flushing Local DNS Cache in Linux
Last updated: September 19, 2024
1. Overview
In this article, we’ll learn about the different DNS caching systems on Linux and the methods for clearing them.
2. DNS Cache in Linux
Domain Name System (DNS) is a critical network stack component that serves as the entry point to the internet. Specifically, it translates human-readable domain names into IP addresses. Many systems often maintain a local DNS cache to improve performance and reduce network traffic. However, there are times when we need to clear these local DNS caches, such as when troubleshooting network issues.
Unlike other operating systems (OS), Linux lacks an OS-level DNS cache. Instead, the DNS caching in Linux is typically handled by specific services or applications.
In Linux, there are several commonly used DNS caching services. Specifically, systemd-resolved, dnsmasq, and bind9 are some of the most popular services providing local DNS resolution and caches.
In the following section, we’ll look at the different DNS caching services and how to clear the caches.
3. Flushing DNS Cache in systemd-resolved
systemd-resolved is a systemd service that provides domain name resolution. Specifically, it provides the service to local applications through the D-Bus interface and a local DNS stub listener at IP address 127.0.0.1 and port 53.
Let’s look at how to clear the DNS caches in a systemd-resolved service.
3.1. Checking if systemd-resolved is Running
First, we’ll need to check whether systemd-resolved is active using the systemctl is-active command:
$ systemctl is-active systemd-resolved
active
If the command returns active in the output, systemd-resolved is running in the background providing domain name resolution to local applications.
3.2. Flushing the Caches
We can flush the cache in systemd-resolved using the systemd-resolve command with the --flush-caches flag:
$ sudo systemd-resolve --flush-caches
Successfully flushed all caches.
The output shows that we’ve successfully cleared all the caches in the systemd-resolved service.
3.3. Checking the Statistics
Subsequently, we can verify the flushing by checking the statistics on the systemd-resolved service. To obtain the statistics on the service, we can use the systemd-resolve command followed by the --statistics flag:
$ sudo systemd-resolve --statistics
DNSSEC supported by current servers: no
Transactions
Current Transactions: 0
Total Transactions: 27
Cache
Current Cache Size: 0
Cache Hits: 12
Cache Misses: 15
The --statistics option of the systemd-resolve command outputs usage and cache statistics on the systemd-resolved service. Importantly, the Current Cache Size value under the Cache section shows how many cache entries we have in the systemd-resolved service.
After flushing the DNS cache using the command systemd-resolve --flush-caches, we’ll expect the value to be zero.
3.4. resolvectl
In newer Linux distributions, such as Ubuntu Linux 22.04, we might see the following error when running the systemd-resolve command:
$ sudo systemd-resolve --flush-caches
sudo: systemd-resolve: command not found
This is because systemd-resolve was renamed to resolvectl in systemd version 239. For newer Linux distributions that come with systemd version 239 and above, we’ll need to replace the systemd-resolve command with the resolvectl command:
$ sudo resolvectl flush-caches
Notably, flush-caches is now a subcommand of the resolvectl command, instead of an option flag.
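The flush and verification steps from sections 3.2 to 3.4 can be combined into one script that works with either command name. This is an added example, not part of the original article: the function names are hypothetical, and it assumes it is run as root on a host where systemd-resolved is active.

```shell
#!/bin/sh
# Added example: flush systemd-resolved and confirm the cache is empty.
# Function names are hypothetical; run as root on a real system.

# Print whichever client tool exists: resolvectl (systemd >= 239) or the
# older systemd-resolve. Returns 1 if neither is available.
resolved_tool() {
    if command -v resolvectl >/dev/null 2>&1; then
        echo resolvectl
    elif command -v systemd-resolve >/dev/null 2>&1; then
        echo systemd-resolve
    else
        return 1
    fi
}

# Read statistics output on stdin and print the "Current Cache Size" value.
cache_size_from_stats() {
    awk -F: '/Current Cache Size/ { gsub(/[^0-9]/, "", $2); print $2; exit }'
}

# Flush, then re-read the statistics. Returns 0 only if the cache is empty.
flush_resolved_cache() {
    tool=$(resolved_tool) || { echo "no systemd-resolved client found" >&2; return 2; }
    if [ "$tool" = resolvectl ]; then
        resolvectl flush-caches || return 3
        size=$(resolvectl statistics | cache_size_from_stats)
    else
        systemd-resolve --flush-caches || return 3
        size=$(systemd-resolve --statistics | cache_size_from_stats)
    fi
    [ "$size" = 0 ]
}
```

A non-zero size right after a flush can simply mean that another application resolved a name between the two calls.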
4. Flushing DNS Cache in dnsmasq
dnsmasq is a lightweight DNS forwarder and DHCP server often used in Linux environments. Notably, the dnsmasq service can also cache DNS to improve the performance of domain name resolution.
First, let’s verify if our system is running the dnsmasq service:
$ ps ax | grep dnsmasq
1234 ? Ssl 0:00 /usr/sbin/dnsmasq --cache-size=50
5678 pts/0 S+ 0:00 grep --color=auto dnsmasq
The one-liner above lists all processes in the system containing dnsmasq in their command line. The first line, which shows /usr/sbin/dnsmasq, indicates that dnsmasq is running in the background. The second line is the grep command itself.
Even with the dnsmasq process running, we must check if the DNS caching feature is enabled. Specifically, the DNS cache can be disabled by setting the cache size to zero. The cache size can be configured through the --cache-size command-line argument or the cache-size directive in a configuration file.
Next, we can check if the cache size is specified as a command-line argument when starting the service. For example, in the ps ax output above, we see that dnsmasq is started with the option --cache-size=50. This indicates that dnsmasq is caching DNS requests with a capacity of 50 entries.
Alternatively, the cache size can be set in the configuration file located at /etc/dnsmasq.conf:
$ grep "cache-size" /etc/dnsmasq.conf
cache-size=1000
In this case, caching is enabled with a capacity of 1000 entries.
Once we’re sure that the dnsmasq process is running with DNS caching enabled, we can clear the cache by restarting or reloading the service.
4.1. Flush by Restart
To flush the DNS cache, we can restart the dnsmasq process in our system. This is because dnsmasq keeps all the caches in memory, and therefore restarting the service flushes the cache.
If the dnsmasq process is managed by systemctl, we can use the systemctl restart command to restart the process:
$ sudo systemctl restart dnsmasq
Alternatively, for dnsmasq started by the service command, we can use the service restart command to trigger a restart:
$ sudo service dnsmasq restart
4.2. Flush by Reload
dnsmasq listens for the SIGHUP signal to trigger a reload. During a reload, dnsmasq re-reads all the configuration files and flushes the DNS caches if we enable the option to clear the cache on reload. This option is preferable because it doesn’t cause downtime on the dnsmasq service.
To enable cache clear on reload, we can add the clear-on-reload directive in the configuration file. By default, dnsmasq uses the /etc/dnsmasq.conf file as its configuration file:
$ grep -q '^clear-on-reload' /etc/dnsmasq.conf || echo 'clear-on-reload' | sudo tee -a /etc/dnsmasq.conf
The one-liner above first uses the grep command to check if the clear-on-reload directive exists in the file. If there is no matching line, we append the directive to the end of the /etc/dnsmasq.conf file.
With the configuration set, we can send the SIGHUP signal to the dnsmasq process using the killall -HUP command:
$ sudo killall -HUP dnsmasq
The SIGHUP signal will trigger a reload of the dnsmasq process, causing a DNS cache flush.
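The checks in this section can be scripted so that commented-out directives don't give a false answer: a plain grep "cache-size" also matches a line such as #cache-size=150. This is an added example, not part of the original article; the function names are hypothetical, and the optional second argument is the cache size we've already read from the ps output.

```shell
#!/bin/sh
# Added example: decide how to flush dnsmasq from its configuration.
# Function names are hypothetical; the default path is the one used above.

# Print the last active (uncommented) cache-size value in a config file.
# Prints nothing when the directive is absent or only appears in a comment.
conf_cache_size() {
    sed -n 's/^[[:space:]]*cache-size[[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p' "$1" | tail -n 1
}

# Succeed only if clear-on-reload is an active directive, not a comment.
conf_clears_on_reload() {
    grep -Eq '^[[:space:]]*clear-on-reload[[:space:]]*(#.*)?$' "$1"
}

# Print "none", "reload" or "restart" for the given config file.
# $2 (optional): the effective cache size if already known, for example
# from --cache-size in the ps output; otherwise it is read from the file.
dnsmasq_flush_method() {
    conf=${1:-/etc/dnsmasq.conf}
    size=${2:-$(conf_cache_size "$conf")}
    if [ "$size" = 0 ]; then
        echo none          # caching disabled, nothing to flush
    elif conf_clears_on_reload "$conf"; then
        echo reload        # sudo killall -HUP dnsmasq
    else
        echo restart       # sudo systemctl restart dnsmasq
    fi
}
```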
5. Flushing BIND9 DNS Cache
The Berkeley Internet Name Domain version 9 (BIND9) is a software suite for domain name resolution. Crucially, the named component handles DNS queries to resolve domain names and caches successful domain name resolutions.
rndc is the command-line tool to manage the BIND9 server. To clear all the caches in our BIND9 server, we can use the rndc flush command:
$ sudo rndc flush
Besides that, we can flush a specific domain entry using the flushname subcommand:
$ sudo rndc flushname google.com
The flushname command only flushes the specific domain entry without affecting the rest.
Subsequently, we can verify the flush by dumping the cache. Concretely, we can use rndc dumpdb to dump the current content of the DNS cache for inspection:
$ rndc dumpdb -cache
After we’ve executed the command, we can find a named_dump.db file in the /var/named/data directory:
$ cat /var/named/data/named_dump.db
; Dump of cache
; Time: Wed Sep 6 10:30:45 2023
;
; Cache dump complete
Upon a flush, the content of the named_dump.db will be empty as we’ve cleared the entire DNS cache.
6. Conclusion
In this tutorial, we’ve learned that there isn’t an operating system-level DNS cache in Linux. Subsequently, we’ve explored several commonly used local DNS caching services.
We first looked at the systemd-resolved service. Concretely, we’ve seen that to clear the caches in the systemd-resolved service, we can use the --flush-caches flag of the systemd-resolve command. Importantly, we’ve also highlighted that the systemd-resolve command is renamed to resolvectl in newer Linux distributions.
Subsequently, we’ve learned that the dnsmasq cache can be flushed by restarting the service or triggering a reload by sending a SIGHUP signal. Notably, we must enable the clear-on-reload directive to flush the cache on reload.
Then, we looked at cache flushing in the BIND9 name server software. Specifically, we’ve seen how the flush and flushname commands clear the DNS cache from the BIND9 server.