A DNS cache is a record of all the websites you’ve visited over a set amount of time. Simply put, your DNS cache is a list of websites you visited in the past that’s stored on your device. Your computer uses it to speed up visits to those same websites, making it an important component of how we access the internet every day.
Your DNS cache can also impact your browsing experience, security, and even privacy. For this reason, knowing how to “flush” your DNS cache, or delete all the records inside it, can be critical, depending on your threat model.
What is the Domain Name System (DNS)
What is the DNS cache
Why you may want to flush the DNS cache
How Proton VPN protects DNS
How to flush the operating system’s DNS cache
How to flush your browser’s DNS cache
How to flush the DNS cache on the router
FAQs
What is the Domain Name System?
Before you can understand how your DNS cache works, you need to know about the Domain Name System (DNS). Let’s go through a quick recap to contextualize what a DNS cache is.
Computers on the internet communicate with each other using Internet Protocol (IP) addresses. Each computer connected to the internet has a unique IP address that identifies it and allows other computers to connect to it. In fact, when you came to the protonvpn.com website, your computer connected to the server hosting our content by sending a request to its IP address.
The most common type of IP address is structured as four three-digit numbers separated by a dot (for example, the IP address of protonvpn.com is 185.159.159.140). While IP addresses are easy for computers to use, they’re quite difficult for humans as we’re not very good at remembering apparently random numbers. This is why the internet uses DNS, allowing each IP address to be associated with a name that’s easier for people to remember.
Think of DNS as the phonebook for the internet. With a phonebook, you don’t need to remember everyone’s phone number, just their names. You can then use the phonebook to find the relevant number by looking up their name. In the same way, DNS is responsible for associating numeric-only IP addresses with website names (domain names) that are easier for people to remember.
What a DNS cache is
Whenever you write “protonvpn.com” in a browser’s URL bar, your browser looks up that domain name in the DNS to retrieve the corresponding IP address it needs (since computers only really understand IP addresses). This requires a rather intricate sequence of queries to various actors, including your router, your Internet Service Provider (ISP), the Top Level Domain server (TLD, which in this example is “.com”), and more. This process is called DNS resolution. Unsurprisingly, it can be quite slow in computer terms, and the resulting load times can be quite frustrating in human terms. Thus, DNS caches represent a simple, useful solution.
A DNS cache is simply a list of recently visited websites and their corresponding IP addresses that’s stored on your computer. When you try to visit a website contained in this list, your browser can skip the entire DNS resolution process and simply retrieve that website’s IP address from the cache. As a consequence, your device can resolve your query much faster.
On top of a simple name-address association, the DNS cache also stores other contextual information regarding that entry, like a Time To Live (TTL) number. This represents the number of seconds after which your device will remove the entry from the DNS cache, preventing your DNS cache from storing relations you rarely use for too long.
Apart from the TTL mechanism, which removes entries if the TTL number is surpassed, you can also erase your entire DNS cache manually. This is what “flushing” the DNS cache means. At first glance it might seem an unnecessary exercise, but upon closer inspection, there are several compelling reasons you might want to do so.
Why you may want to flush your DNS cache
Despite its clear usefulness, the DNS cache can cause issues in certain situations, to the point that it can become a vector of malicious activity. Here are the four main reasons why you might want to flush the DNS cache:
- If a website changes its IP address or domain name, the information stored in your DNS cache becomes obsolete and can even cause 404 “Page Not Found” errors (or others). Eventually, this type of issue is automatically resolved when that entry’s TTL expires.
- Outdated DNS entries in your device’s cache can also lead to you connecting to old versions of a website. When a website owner changes its DNS settings, it takes time for the changes to reach all the parts of the DNS resolution process (the technical name for the process of DNS changes being shared around is DNS propagation). Even if your device doesn’t have an outdated entry in its DNS cache, you might still be taken to an outdated website because DNS propagation hasn’t been completed yet.
- DNS caches are subject to a range of attacks called DNS spoofing attacks, which attempt to swap legitimate DNS entries with maliciously crafted ones. Instead of holding the correct IP address for protonvpn.com, attackers will attempt to implant the IP address of a website they control. If they did a decent job mimicking the expected webpage, they could fool people into sharing sensitive information (for example, if they replaced the IP address of your bank’s website with one they control and you attempt to log in, they could get access to your online bank account).
This is called DNS poisoning, and while it’s a less popular attack now than it was in the early aughts, it can still be deployed with frightening results, like when it was used to steal $150,000 from a cryptocurrency wallet. Hackers were able to collect credentials, use them to log in to the users’ wallets, and send transactions to themselves.
- Your DNS cache is effectively a list of visited websites, much like your browser history. However, the DNS cache is usually managed by your device’s operating system and is therefore outside the scope of any single browser — and the safeguards browsers usually implement.
One such safeguard is incognito (or private) mode. While incognito mode doesn’t deliver on the vast majority of its advertised privacy promises, it does prevent your browser from storing your browsing history. Yet, a very similar list of websites is present inside the DNS cache and outlives your incognito session. A compromised device could therefore expose your browsing history via the DNS cache, even if you visited those websites in incognito mode.
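To make the last two list items concrete, here is an added example (not part of the original article) that audits a saved copy of the Windows `ipconfig /displaydns` output: it lists the cached names, which amount to a browsing history, and flags any cached address that differs from one you have pinned for that name. The dump, the `bank.example` entries, the pin list and the function names are all constructed for illustration; only the protonvpn.com address comes from the article.

```sh
#!/bin/sh
# Added example: audit a saved `ipconfig /displaydns` dump. All data is constructed.

# Constructed sample of the dump format (documentation-range IPs, except the
# protonvpn.com address quoted in the article).
sample_dump() {
cat <<'EOF'
Windows IP Configuration

    protonvpn.com
    ----------------------------------------
    Record Name . . . . . : protonvpn.com
    Record Type . . . . . : 1
    Time To Live  . . . . : 212
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 185.159.159.140

    bank.example
    ----------------------------------------
    Record Name . . . . . : bank.example
    Record Type . . . . . : 1
    Time To Live  . . . . : 86000
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 203.0.113.66
EOF
}

# Turn the dump (stdin) into "name ttl address" lines, one per cached A record.
parse_displaydns() {
    tr -d '\r' | awk -F' : ' '
        /Record Name/       { name = $2 }
        /Time To Live/      { ttl = $2 }
        /A \(Host\) Record/ { print name, ttl, $2 }'
}

# Print cached entries whose address is not pinned for that name.
# $1 = pin file with "name address" lines; stdin = parse_displaydns output.
find_mismatches() {
    awk -v pins="$1" '
        BEGIN { while ((getline line < pins) > 0) {
                    split(line, f, " "); ok[f[1]] = ok[f[1]] " " f[2] " " } }
        ($1 in ok) && index(ok[$1], " " $3 " ") == 0 { print $1, $3, "ttl=" $2 }'
}

# Demo: the names alone reveal browsing history; the pin check flags bank.example.
pins=$(mktemp)
printf '%s\n' 'protonvpn.com 185.159.159.140' 'bank.example 198.51.100.10' > "$pins"
sample_dump | parse_displaydns | cut -d' ' -f1
sample_dump | parse_displaydns | find_mismatches "$pins"
rm -f "$pins"
```

A mismatch is a prompt to investigate rather than proof of poisoning, since websites do change IP addresses legitimately.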
How Proton VPN protects DNS
The DNS cache is a simple solution for speeding up DNS resolution by allowing your browser to look up IP addresses locally rather than over the internet. Whenever the DNS cache doesn’t contain the domain name you are trying to visit, it must send that query over the web. It’s as if your browser goes around asking, “What is the IP address of this domain name?” Anyone who can watch these requests, like your ISP or network manager, can see the websites you visit.
This is why Proton VPN offers DNS leak protection. When you connect to Proton VPN, it forces all your traffic through the VPN tunnel, including all DNS queries. To the DNS resolver, it will appear as though your DNS queries are coming from the VPN server rather than your computer, preventing it from tying your browsing history to your device (and by extension, you).
Learn more about Proton VPN DNS leak protection
How to flush the operating system’s DNS cache
As mentioned above, flushing your DNS cache means manually emptying or deleting it, removing every single entry regardless of its TTL. Since the DNS cache is stored on your device and managed by its operating system, how you flush your DNS cache depends on which device you have.
The general process for flushing DNS caches is similar for all platforms:
- Open a terminal.
- Run a platform-specific command to flush the DNS cache.
- Enter your password (if prompted).
How to open the terminal and which command to run differ from platform to platform.
How to flush the DNS cache on Windows
There are several ways to open the terminal on Windows, called “command prompt”. The most direct way that works across almost any Windows version is to:
- Press Windows + R to open the Run box.
- Type cmd and hit Enter.
Alternatively, you can find it directly from the start menu in Windows 11 and 10. In Windows XP, Vista, 7, and 8 it’s under All programs and then Accessories.
Once the command prompt is opened, all you have to do is type the command ipconfig /flushdns and hit Enter.
How to flush the DNS cache on macOS
The terminal is among the other apps on your Mac and is actually called “Terminal”. You can find it by opening the Finder, navigating to Applications, then Utilities.
The command to type in differs depending on the macOS version:
Versions | Command |
---|---|
Tiger (10.4) | lookupd -flushcache |
Leopard (10.5) | sudo lookupd -flushcache |
Snow Leopard (10.6) | sudo dscacheutil -flushcache |
Lion (10.7), Mountain Lion (10.8), Mavericks (10.9) | sudo killall -HUP mDNSResponder |
Yosemite (10.10) | sudo discoveryutil mdnsflushcache |
El Capitan (10.11), Sierra (10.12), High Sierra (10.13), Mojave (10.14), Catalina (10.15) | sudo killall -HUP mDNSResponder |
Big Sur (11), Monterey (12), Ventura (13), Sonoma (14) | sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder |
How to flush the DNS cache on Linux
The Linux ecosystem is much more varied than the other options, to the point where not all distributions even use a DNS cache. To check whether your system is caching DNS queries in the first place, you can use the following command in the terminal (which you definitely know how to access if you are a Linux user): systemctl is-active systemd-resolved. If the answer is “active”, DNS caching is happening.
The command to flush the DNS cache depends on your system. In Ubuntu, you can use the following command: sudo systemd-resolve --flush-caches.
Otherwise, different applications managing DNS queries have different commands:
- NSCD: sudo /etc/init.d/nscd restart
- Dnsmasq: sudo /etc/init.d/dnsmasq restart
- BIND: sudo /etc/init.d/named restart
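The Linux steps above combined into one script, as an added example that is not from the original article: it finds which caching service is active, picks the matching command from the list, and reads back the systemd-resolved cache size after the flush. The script name `flush.sh`, the `run` argument and the function names are hypothetical; `resolvectl` is the newer front end that replaces `systemd-resolve` on recent systemd releases, and the `Current Cache Size` line is assumed to appear in `resolvectl statistics` output as in the constructed sample used for testing.

```sh
#!/bin/sh
# Added example: pick and run the Linux flush command for whichever cache is active.

# Map a caching service to the command the article lists for it.
flush_cmd_for() {
    case "$1" in
        systemd-resolved)
            # Newer systemd ships resolvectl; older releases only have systemd-resolve.
            if command -v resolvectl >/dev/null 2>&1
            then echo "resolvectl flush-caches"
            else echo "systemd-resolve --flush-caches"
            fi ;;
        nscd|dnsmasq|named) echo "/etc/init.d/$1 restart" ;;
        *) return 1 ;;
    esac
}

# List which of the known caching services systemd reports as active.
active_caches() {
    for svc in systemd-resolved nscd dnsmasq named; do
        if systemctl is-active --quiet "$svc" 2>/dev/null; then echo "$svc"; fi
    done
}

# Read `resolvectl statistics` text on stdin and print the current cache size.
cache_size() {
    awk -F': *' '/Current Cache Size/ { print $2; exit }'
}

# Flush every active cache, then report systemd-resolved's cache size.
flush_all() {
    for svc in $(active_caches); do
        cmd=$(flush_cmd_for "$svc") || continue
        echo "flushing $svc with: sudo $cmd"
        sudo $cmd || return 1
    done
    if command -v resolvectl >/dev/null 2>&1; then
        echo "resolved cache size now: $(resolvectl statistics | cache_size)"
    fi
}

# Only touch the system when called as: sh flush.sh run
if [ "${1:-}" = "run" ]; then flush_all; fi
```

A cache size of 0 right after the flush confirms that systemd-resolved dropped its entries; the number climbs again as soon as new lookups are made.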
How to flush browsers’ DNS cache
This article has mostly focused on the DNS cache inside your device’s operating system. However, browsers also keep an internal DNS cache. The same drawbacks apply to this backup DNS cache, so you should know how to flush it as well.
How to flush the DNS cache on Chrome, Brave, Opera, Edge
All these browsers are based on the Chromium open-source browser, so they all share similar methods for flushing their DNS caches. You can simply paste the appropriate command below into your URL bar and then click Clear host cache.
Browser | Command |
---|---|
Chrome | chrome://net-internals/#dns |
Brave | brave://net-internals/#dns |
Opera | opera://net-internals/#dns |
Edge | edge://net-internals/#dns |
How to flush the DNS cache on Firefox
Firefox is not based on Chromium, but the process is very similar. Just type about:networking#dns in the URL bar and click Clear DNS cache.
How to flush the DNS cache on Safari
Safari makes it a bit more complicated to reach the DNS cache because the Develop menu needs to be enabled first. The steps are:
- Open Settings in the Safari menu in the menu bar.
- Navigate to the Advanced tab.
- Select the Show Develop menu in menu bar checkbox. This is sometimes called Show features for web developers, depending on the version.
- Open the Develop menu in the menu bar and select the Empty Caches option within it to flush the DNS cache.
How to flush the DNS cache on the router
Some routers also store a DNS cache of their own. This is usually the case for more advanced equipment than what ISPs give to their clients. When there is a DNS cache, it’s usually stored in temporary memory only, so a simple restart of the router should suffice to flush any entries stored there.
Frequently asked questions about flushing DNS caches
It removes all past DNS queries from the DNS cache. Therefore, any new attempt to visit a website will need to pass through the entire DNS resolution process until the DNS cache is replenished.
Yes. Flushing your DNS won’t break anything. In fact, it can be a good thing to do if you have an advanced threat model as it helps you avoid DNS spoofing attacks.
The most technical answer is no: flushing the DNS cache has almost no impact on connection performance. In fact, the first time you visit websites after flushing the DNS cache, your connection will be marginally slower since your device will need to go through the DNS resolution again. However, from a user point of view, flushing the DNS cache can give the impression of a faster connection to some websites where the DNS entry was corrupted or outdated.
Flushing your DNS is very fast. It shouldn’t take more than a few seconds.
There’s no real answer to this, as it mostly depends on your specific threat model and browsing behavior. In general, you should consider flushing your DNS cache if you experience problems with specific websites or after DNS poisoning attacks.