How to flush your DNS Cache on Mac OS X?
Abstract: ~]$ sudo killall -HUP mDNSResponder Mac OS X 10.11 (El Capitan) [me@me-macOS~]$ sudo dscacheutil -flushcache Mac OS X 10.4 (Tiger) and before [me@me-m
The Domain Name System (DNS) is a critical component of how the internet works. While programming on your Mac, you may find yourself in a situation where a DNS entry doesn’t return what you would expect because of a long DNS TTL (time-to-live) cache. This can occur when doing local development on Mac with various virtual machines or local servers with internal DNS. In such cases, flushing your Mac OS DNS cache may be necessary to pick up the updated entries without waiting for the TTL to expire. Unfortunately, there is no consistent way to do it, as it will depend on which Mac OS version you are running.
What is DNS, and what does a flush DNS cache do?Whenever you type a website domain in your browser’s address bar, it needs to convert it to the corresponding IP address to communicate with the webserver hosting the website. This process is called domain name resolution. When you repeatedly use the same URL and domain, your computer will reduce network traffic by caching the corresponding IP address in a local DNS cache. In addition, another crucial information called 「Timeout」 or 「Time-To-Live」 (TTL) is being stored. This information is used by your local DNS service to decide when it should re-fetches the combination from domain to IP and stores it in the local DNS cache again.
DNS flushing is the mechanism where you manually mark all the entries in the DNS cache as invalid to force a new address resolution to a DNS server.
Is it safe to flush DNS cache, and is it bad?Clearing your local DNS cache will remove any invalid addresses, whether because they’re outdated or because they’ve been manipulated. Flushing your local DNS cache doesn’t have significant side effects besides forcing new DNS resolutions. This may be an issue in a production environment where flushing your server DNS cache may introduce latency.
What is mDNSResponder on my Mac?mDNSResponder is part of the Bonjour networking protocol implementation in macOS and Mac OS X. This is a daemon tasked with discovering services running on other local devices and handling DNS requests for services that need to connect to the internet. Apple briefly replaced it in Mac OS X Yosemite with a service called discoveryd and reverted that change after some blowback.
The dscacheutil command line operates against the Directory Service cache to gather statistics, initiate lookups, or do a DNS cache flush. It replaces most of the functionality of the former lookupd command line tool provided prior to Mac OS X Leopard.
Using the -flushcache option will flush the entire local DNS cache (i.e. dscacheutil -flushcache).
The most common reasons to flush your local DNS cache may be technical problems and security or data privacy concerns.
You’re seeing HTTP errors (404 or others) or can’t access a website. Whenever the owner of a website change server, the DNS entries will need to be updated. When the website owner does those changes without care, your local DNS cache may contain inaccurate or old information about the website IP address. In such a case, you may be sent to an old server that may not have the content you are looking for and end up seeing an HTTP 404 error or an outdated version of the site. While the information will eventually get updated in your local DNS cache (after TTL expires), you don’t have to wait and can clear your local DNS cache at any time.
You think that you have been the victim of DNS spoofing. DNS cache poisoning, a.k.a. DNS spoofing, is an attack in which a bad actors gain access to your local DNS cache and alter the information to redirect you to a compromised host. In some cases, the hacker will try to redirect you to a 「look-a-like」 fraudulent website that resembles the original destination. The aim is to trick you into entering sensitive information like banking or email credentials, social security numbers, etc.
You want to keep your internet browsing private. Cookies are not the only way you can be tracked on the internet. For example, your ISP provider may retian information about your DNS resolutions. Similarly, your local DNS cache can reveal your browsing history by exposing the domain names that you have recently visited (i.e., resolved). By clearing your local DNS cache, a spy or bad actor will not be able to easily reconstruct some of your browsing activity.
Below is a list of the command line that you can use to purge your local DNS cache depending on the Mac OS version that you are using. This is quite convenient as you can add this to your build automation process for your local dev environment.
macOS 10.15 (Catalina), 11 (Big Sur), and 12 (Monterey)[me@me-macOS: ~]$ sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder
[me@me-macOS: ~]$ sudo killall -HUP mDNSResponder
[me@me-macOS: ~]$ sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder
Versions 10.10.4+:[me@me-macOS: ~]$ sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder
Versions 10.10.1, 10.10.2, 10.10.3:[me@me-macOS: ~]$ sudo discoveryutil mdnsflushcache; sudo discoveryutil udnsflushcache;
[me@me-macOS: ~]$ dscacheutil -flushcache; sudo killall -HUP mDNSResponder
[me@me-macOS: ~]$ sudo killall -HUP mDNSResponder
[me@me-macOS: ~]$ sudo dscacheutil -flushcache
[me@me-macOS: ~]$ lookupd -flushcache
? Bonus Tips #1: To find out which Mac OS version you are running, check the post How to Find which Mac OS version you are running?
? Bonus Tips #2: If you’d rather to use a point-and-click solution to purge your local DNS cache, check out the step-by-step guide from apple at https://support.apple.com/en-us/HT201260.
