Archive for October, 2020

Every visit to a site such as google.com starts with resolving the domain name or FQDN to an IP address. This resolution is done by a DNS service. The mapping from domain name to IP address (an A record in DNS terminology) is cached by both DNS servers and clients, as most domain names do not change IPs that often.

Sometimes, though, you might know that the A record or IP address of a domain has changed and yet your local cache is still holding the old IP. Before clearing the cache, you can view the contents of the DNS cache by sending a USR1 signal to systemd-resolved:

sudo killall -USR1 systemd-resolved

This will dump the contents of the DNS cache and the name servers to the systemd log, which you can view with the journalctl command:

sudo journalctl -u systemd-resolved

At the bottom of the log, you should see the CACHE entries:


Oct 30 22:53:04 hidmo systemd-resolved[23811]: CACHE:
Oct 30 22:53:04 hidmo systemd-resolved[23811]:         csi.gstatic.com IN A 209.85.202.120
Oct 30 22:53:04 hidmo systemd-resolved[23811]:         csi.gstatic.com IN A 209.85.202.94
Oct 30 22:53:04 hidmo systemd-resolved[23811]:         connectivity-check.ubuntu.com IN A 35.222.85.5
Oct 30 22:53:04 hidmo systemd-resolved[23811]:         connectivity-check.ubuntu.com IN A 35.224.99.156

....
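
To check whether the cache still holds an old address for a name whose A record has changed, the dump can be filtered instead of read by eye. The following is an added example, not part of the original post: the function name stale_a_records and the sample lines (including the 192.0.2.10 entry) are constructed, and it assumes journalctl's default output format, where the record name is the sixth whitespace-separated field.

```sh
#!/bin/sh
# Added example: find cached A records that do not match the address(es)
# you expect, using the most recent CACHE dump in the journal.

# Usage: journalctl output on stdin; stale_a_records NAME EXPECTED_IP...
# Prints every cached A record for NAME that is not an expected address.
stale_a_records() {
    name=$1; shift
    awk -v name="$name" -v want="$*" '
        BEGIN { split(want, w, " "); for (i in w) ok[w[i]] = 1 }
        # A new "CACHE:" marker starts a newer dump: discard older results.
        $6 == "CACHE:" { n = 0; next }
        # Record lines look like: <prefix> NAME IN A ADDRESS
        $6 == name && $7 == "IN" && $8 == "A" && !($9 in ok) { stale[++n] = $9 }
        END { for (i = 1; i <= n; i++) print stale[i] }
    '
}

# Constructed sample: an older dump followed by a newer one in the format
# shown above. Only the newer dump reflects the current cache.
sample_dump() {
    cat <<'EOF'
Oct 30 22:40:00 hidmo systemd-resolved[23811]: CACHE:
Oct 30 22:40:00 hidmo systemd-resolved[23811]:         csi.gstatic.com IN A 192.0.2.10
Oct 30 22:53:04 hidmo systemd-resolved[23811]: CACHE:
Oct 30 22:53:04 hidmo systemd-resolved[23811]:         csi.gstatic.com IN A 209.85.202.120
Oct 30 22:53:04 hidmo systemd-resolved[23811]:         csi.gstatic.com IN A 209.85.202.94
Oct 30 22:53:04 hidmo systemd-resolved[23811]:         connectivity-check.ubuntu.com IN A 35.222.85.5
EOF
}

# Demo on the sample: treat 209.85.202.94 as the only current address.
sample_dump | stale_a_records csi.gstatic.com 209.85.202.94

# Against the live journal (after sending USR1 as shown above):
#   sudo journalctl -u systemd-resolved | stale_a_records NAME EXPECTED_IP...
```

Any output means the cache still holds an address you no longer expect for that name, which is the case where flushing is warranted.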

TL;DR: systemd-resolve --flush-caches

systemd-resolve is a CLI tool for resolving domain names, IPv4 and IPv6 addresses, DNS records and services.

It also provides DNS resolution statistics, settings and the ability to flush the cache. Before flushing the cache, check the cache size and hit/miss statistics. Additional information such as the transaction count is also reported.

$ sudo systemd-resolve --statistics
DNSSEC supported by current servers: no

Transactions                
Current Transactions: 0     
  Total Transactions: 105240
                            
Cache                       
  Current Cache Size: 15     
          Cache Hits: 50425 
        Cache Misses: 66235 
                            
DNSSEC Verdicts             
              Secure: 0     
            Insecure: 0     
               Bogus: 0     
       Indeterminate: 0     

As you can see above, the cache size is 15. To clear or flush the DNS cache, run the command below:

systemd-resolve --flush-caches

Running systemd-resolve --statistics should show a current cache size of 0.