How does flushing DNS help resolve some issues, and while you're at it what's DNS?

First, a quick review of what DNS is.

DNS is an acronym for the Domain Name System.

As you probably already know, every device on a network is identified by an IP (Internet Protocol) address. However, you and I rarely know or care what the IP addresses are; we use names like "ask-leo.com". DNS is what maps from names to IP addresses.

When your computer accesses a domain name for the first time, it performs what's called a DNS request which boils down to asking someone "hey, what's the IP address for 'ask-leo.com'?" That 'someone' is a DNS server whose job it is to answer exactly those kinds of questions: "Found it: 'ask-leo.com' is '72.3.133.152'".

Once your computer gets the answer it's allowed to remember it for a period of time. Typically, it's a day or two, but it actually varies based on the specific domain. For as long as your computer remembers that "ask-leo.com" is "72.3.133.152" it doesn't have to ask anyone. Once the time expires, it's required to ask again, just in case it's changed.

That 'memory' of all the DNS lookups your computer has performed is called the 'DNS cache'.

Sometimes, for various reasons, the cache becomes corrupt or out of date, or to use a technical term: "messed up". The symptoms vary, but the most common is that you can't get to some web sites in your browser.

That's when flushing the cache sometimes helps. It forces your computer to empty the cache and forget everything it knows about DNS entries that it's looked up previously. It then has to start asking the DNS server for new and up to date information as you reference domains by name thereafter.

In a Windows Command Prompt, that looks like this:

[C:\] ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

[C:\]

Now, as I said, rebooting your machine has the same effect. Your DNS cache is not preserved across a reboot.

•

Your computer's DNS cache is not the only cache.

If you look at your ip configuration in the Command Prompt, making sure to specify "ipconfig /all" to see all the configuration information, you'll find a line like this:

DNS Servers . . . . . . . . . . . : 192.168.1.1

The IP address for the DNS server may well be ... your router.

Many routers perform the DNS function for local networks. If they need to, they make the DNS request from your ISP's DNS servers on your behalf.

This allows for two things:

• Your router can 'look up' machines on your local network that it already knows about since it also assigned them their IP addresses. Local machines are not known on the internet anyway, and thus would not show up in the internet's DNS servers.

• Your router can cache DNS lookups. That means if you have more than one machine going to the same site, the first one might cause the router to have to look it up, but the second machine's request for the same domain would already be in the router's cache; the router wouldn't need to do anything more than simply return the answer.

And yes, this is another reason why rebooting your router is a frequent diagnostic step: your router's DNS cache can also sometimes become "messed up". In fact it happens more frequently than most people expect. And just like your PC, rebooting your router forces it to start over with an empty DNS cache.

•

DNS caching doesn't end there.

In fact, there's an entire hierarchy of DNS servers that work to spread the load of answering all these requests for domain-to-IP mapping being made every time someone tries to go somewhere on the internet. Your computer may ask your router's DNS, your router may ask your ISP's DNS and your ISP may ask their provider's DNS, all the way up to what are called the "root DNS servers":

The DNS hierarchy

Each of these servers will cache the answers for the DNS lookups performed so as to avoid having to repeatedly ask the next DNS server in the chain for the same information over and over again. (Note that in reality this is an over simplification. The root DNS servers will actually redirect lookup requests to other DNS servers based on the top level domain - ".com", ".org", and so on - and each of them may also then redirect to the "authoritative" DNS server for the particular domain being requested.)

All that to turn "ask-leo.com" into "72.3.133.152".

•

As you can see, DNS is a critical component of how things are located on the internet. As a result, there are threats. Imagine what would happen if somehow someone was able to change the DNS information in a cache or on a server maliciously. You might ask for "ask-leo.com" and get some other random IP address that would direct your browser to a malicious web site. My site's not that high profile, but consider if someone were to do that for the entry for, say, "paypal.com".

This concept of "DNS poisoning" is actually not new, and so far the system has been fairly resilient. But even as I write this, a flaw has apparently been found in almost all DNS server software that could allow exactly such a malicious attack. The details have not been made public, but a fix has recently been pushed out to all DNS servers world-wide.

DNS is that critical.

Related:

• Can I fake the DNS ip lookup to test my website? In case you need to test your website, there are ways that you can fake the DNS IP lookup to be able to do so. We'll take a look at how that's done.

• My ISP's DNS servers are timing out frequently, what can I do? Slow Domain Name System (DNS) lookups can affect your apparent internet speed. Your ISP should provide fast DNS, but there are also alternatives.

• How is my IP address assigned? Every device on an TCP/IP network must have a unique IP address. IP addresses are assigned, either automatically by DHCP, or by manual configuration.