Linux – view dns cache contents
Posted by danielOct 30
Every visit to a site such as google.com starts with resolving the domain name or FQDN to an IP address. And this resolution is done by a dns service. The domain name to IP address(A record in dns terminology) mapping is cached by both dns servers and client as most domain names do not change IPs that often.
Sometimes though you might know that the A record or IP address of a domain has changed and yet your local cache is holding the old IP. Before clearing the cache, you can view the contents of the dns cache by sending a
signal to USR1
systemd-resolved
sudo killall -USR1 systemd-resolved
This will dump the contents of dns cache and name servers to systemd log, which you can view with journalctl
command –
sudo journalctl -u systemd-resolved
As the bottom of the log, you should see the CACHE entries –
Oct 30 22:53:04 hidmo systemd-resolved[23811]: CACHE:
Oct 30 22:53:04 hidmo systemd-resolved[23811]: csi.gstatic.com IN A 209.85.202.120
Oct 30 22:53:04 hidmo systemd-resolved[23811]: csi.gstatic.com IN A 209.85.202.94
Oct 30 22:53:04 hidmo systemd-resolved[23811]: connectivity-check.ubuntu.com IN A 35.222.85.5
Oct 30 22:53:04 hidmo systemd-resolved[23811]: connectivity-check.ubuntu.com IN A 35.224.99.156
....
No comments
You must be logged in to post a comment.