How does flushing DNS help resolve some issues, and while you're at it what's DNS?

Home » Networking » Network IP Addressing

Summary: DNS transforms domain names into IP addresses. Your PC caches or remembers much of the DNS information but sometimes, though, it needs to forget.

I suddenly started to encounter 'time-out' error messages with certain sites - yours being one of them! On looking further, I could not find any logic to the dozen or so sites I regularly visit being unavailable. I tried accessing these sites through an online proxy - the sites loaded. I re-booted and ran all the adware / spyware / virus programs - all to no avail. I managed to Google the problem and found some obscure forum with the response 'go to command line prompt and type "ipconfig /flushdns" ' which I duly did. Perfect - problem solved - but why did I need to do this, what is a DNS flush and how can I avoid this problem in the future?

Well, I can't really say why that fixed your problem, since a reboot is also another way of flushing your DNS. In fact, it's one of the many reasons that so many tech support folks insist you reboot as the first step when investigating just about anything.

But you seem to indicate that a reboot actually didn't help.

But, conceptually at least, it sometimes can help, and it's much faster than a reboot.

•

First, a quick review of what DNS is.

DNS is an acronym for the Domain Name System.

As you probably already know, every device on a network is identified by an IP (Internet Protocol) address. However, you and I rarely know or care what the IP addresses are; we use names like "ask-leo.com". DNS is what maps from names to IP addresses.

When your computer accesses a domain name for the first time, it performs what's called a DNS request which boils down to asking someone "hey, what's the IP address for 'ask-leo.com'?" That 'someone' is a DNS server whose job it is to answer exactly those kinds of questions: "Found it: 'ask-leo.com' is '72.3.133.152'".

Once your computer gets the answer it's allowed to remember it for a period of time. Typically, it's a day or two, but it actually varies based on the specific domain. For as long as your computer remembers that "ask-leo.com" is "72.3.133.152" it doesn't have to ask anyone. Once the time expires, it's required to ask again, just in case it's changed.

That 'memory' of all the DNS lookups your computer has performed is called the 'DNS cache'.

Sometimes, for various reasons, the cache becomes corrupt or out of date, or to use a technical term: "messed up". The symptoms vary, but the most common is that you can't get to some web sites in your browser.

That's when flushing the cache sometimes helps. It forces your computer to empty the cache and forget everything it knows about DNS entries that it's looked up previously. It then has to start asking the DNS server for new and up to date information as you reference domains by name thereafter.

"DNS is a critical component of how things are located on the internet."

In a Windows Command Prompt, that looks like this:

[C:\] ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

[C:\]

Now, as I said, rebooting your machine has the same effect. Your DNS cache is not preserved across a reboot.

•

Your computer's DNS cache is not the only cache.

If you look at your ip configuration in the Command Prompt, making sure to specify "ipconfig /all" to see all the configuration information, you'll find a line like this:

DNS Servers . . . . . . . . . . . : 192.168.1.1

The IP address for the DNS server may well be ... your router.

Many routers perform the DNS function for local networks. If they need to, they make the DNS request from your ISP's DNS servers on your behalf.

This allows for two things:

Your router can 'look up' machines on your local network that it already knows about since it also assigned them their IP addresses. Local machines are not known on the internet anyway, and thus would not show up in the internet's DNS servers.
Your router can cache DNS lookups. That means if you have more than one machine going to the same site, the first one might cause the router to have to look it up, but the second machine's request for the same domain would already be in the router's cache; the router wouldn't need to do anything more than simply return the answer.

And yes, this is another reason why rebooting your router is a frequent diagnostic step: your router's DNS cache can also sometimes become "messed up". In fact it happens more frequently than most people expect. And just like your PC, rebooting your router forces it to start over with an empty DNS cache.

•

DNS caching doesn't end there.

In fact, there's an entire hierarchy of DNS servers that work to spread the load of answering all these requests for domain-to-IP mapping being made every time someone tries to go somewhere on the internet. Your computer may ask your router's DNS, your router may ask your ISP's DNS and your ISP may ask their provider's DNS, all the way up to what are called the "root DNS servers":

DNS heirarchy
The DNS hierarchy

Each of these servers will cache the answers for the DNS lookups performed so as to avoid having to repeatedly ask the next DNS server in the chain for the same information over and over again. (Note that in reality this is an over simplification. The root DNS servers will actually redirect lookup requests to other DNS servers based on the top level domain - ".com", ".org", and so on - and each of them may also then redirect to the "authoritative" DNS server for the particular domain being requested.)

All that to turn "ask-leo.com" into "72.3.133.152". Smile

•

As you can see, DNS is a critical component of how things are located on the internet. As a result, there are threats. Imagine what would happen if somehow someone was able to change the DNS information in a cache or on a server maliciously. You might ask for "ask-leo.com" and get some other random IP address that would direct your browser to a malicious web site. My site's not that high profile, but consider if someone were to do that for the entry for, say, "paypal.com".

This concept of "DNS poisoning" is actually not new, and so far the system has been fairly resilient. But even as I write this, a flaw has apparently been found in almost all DNS server software that could allow exactly such a malicious attack. The details have not been made public, but a fix has recently been pushed out to all DNS servers world-wide.

DNS is that critical.

Related:

Can I fake the DNS ip lookup to test my website? In case you need to test your website, there are ways that you can fake the DNS IP lookup to be able to do so. We'll take a look at how that's done.
My ISP's DNS servers are timing out frequently, what can I do? Slow Domain Name System (DNS) lookups can affect your apparent internet speed. Your ISP should provide fast DNS, but there are also alternatives.
How is my IP address assigned? Every device on an TCP/IP network must have a unique IP address. IP addresses are assigned, either automatically by DHCP, or by manual configuration.

Article 12559 | Posted July 19, 2008

•

Recent Comments

I scanned my pc with A-Squared (EMSI Software). Found the culprit and fixed the problem. Before that, I had Firefox3.0 installed. I enjoyed its speed. When I was backed to IE7, I encountered "time-out" error messages. Not to blame FF 3.0 though, but I just wonder.

Posted by: mat at July 22, 2008 04:25 AM

I learned about performing this task a couple of years ago. I don't recall exactly from who but I'm pretty sure it was through a Cnet TechRepublic post. They also specified to follow this procedure by typing in ipconfig /renew and running it directly after. Why is there no mention of that here. Is it not necassary to do that?

"ipconfig /renew" is unrelated to flushing your DNS. /renew typically follows a /release. /release says "I release the IP address you've given me, I don't need it any more", and /renew says "I'd like a new IP address assigned to me please." This is also often used when troubleshooting, but for other types of problems.
-Leo

Posted by: Allain at July 22, 2008 04:56 PM

Post a comment on "How does flushing DNS help resolve some issues, and while you're at it what's DNS?":

Name: (Required)

Email Address: (Required)

(Email Address will not be published.)

Remember Me? YesNo

By popular demand...
my tip jar

Buy Leo a Latte!

Comments: (you may use HTML tags for style)

New!

Subscribe to the RSS Feed specifically for comments on this article.

Before commenting, please...

Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored.
Comment only on this article. Use the Google search box at the top of the page if you have a question about something else.
Don't include personal information in the comment. No email addresses. No phone numbers. No physical addresses.
Don't ask me to recover lost passwords or hacked accounts. I can't, and those comments will be deleted.

I can't respond to every comment. And I can't vouch for the accuracy of others who do.
Read Why didn't you answer my question? for hints on getting an answer.
By posting a comment you agree to the Terms of Service. Don't agree? Don't post.
Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored. Yes, I'm saying this twice; you'd be amazed.

Please wait. Your comment is being processed ...