DNS cache
Stored DNS answers held by resolvers (and the OS, and apps) to skip future lookups. The reason DNS scales; also the reason changes take time to propagate.
A DNS cache is a layer that remembers recent answers so it doesn't have to look them up again. Caches exist at every level:
- Browser cache. Chrome, Firefox cache DNS answers in-process. chrome://net-internals/#dns shows it.
- OS cache. macOS uses mDNSResponder; Windows uses dnscache; Linux varies (systemd-resolved, nscd, none).
- Resolver cache. The recursive resolver caches every answer it gets.
- Authoritative cache. Some authoritative providers cache zones internally for serving speed.
Each cache lasts up to the TTL on the record.
Why caches matter
Without caching, every request would walk the full DNS chain — billions of times per second across the internet. The system would melt. Caches make DNS cheap.
The trade-off: changes don't take effect everywhere instantly. A record with TTL=3600 can be cached for an hour. Lower TTLs mean faster propagation but more lookup volume.
Negative caching
Resolvers also cache "this name doesn't exist" responses (NXDOMAIN) for the SOA minimum TTL. This is why creating a new DNS record sometimes seems delayed: resolvers might have cached the NXDOMAIN from before.
Flushing a cache
- macOS: sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder
- Windows: ipconfig /flushdns
- Linux (systemd-resolved): sudo resolvectl flush-caches
- Browser: clear browsing data, or restart the browser.
Flushing only affects your local machine. The recursive resolver (your ISP's, 1.1.1.1) keeps its own cache that you can't flush. See DNS flush.
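
The negative-caching delay and the limits of a local flush described above can be reproduced with a small two-layer model. This is an added example, not part of the original entry: Zone, Cache, demo and the name new.example.test are constructed for illustration, and the model uses the SOA minimum as the negative TTL, as stated above.

```python
NXDOMAIN = None  # marker for "this name doesn't exist"

class Zone:
    """Authoritative data (constructed): name -> (address, ttl)."""
    def __init__(self, soa_minimum):
        self.records = {}
        self.soa_minimum = soa_minimum  # TTL handed out with NXDOMAIN answers

    def lookup(self, name, now):
        if name in self.records:
            return self.records[name]
        return NXDOMAIN, self.soa_minimum

class Cache:
    """One cache layer (OS cache or recursive resolver) in front of an upstream."""
    def __init__(self, upstream):
        self.upstream = upstream
        self.entries = {}  # name -> (answer, expires_at)

    def lookup(self, name, now):
        hit = self.entries.get(name)
        if hit and now < hit[1]:
            return hit[0], hit[1] - now  # pass on the *remaining* TTL only
        answer, ttl = self.upstream.lookup(name, now)
        self.entries[name] = (answer, now + ttl)
        return answer, ttl

    def flush(self):
        self.entries.clear()

def demo():
    zone = Zone(soa_minimum=300)
    resolver = Cache(zone)       # recursive resolver (not flushable by the client)
    os_cache = Cache(resolver)   # local OS cache
    name = "new.example.test"    # constructed sample name
    seen = [os_cache.lookup(name, 0)[0]]         # NXDOMAIN, now cached at both layers
    zone.records[name] = ("192.0.2.10", 3600)    # record is created
    seen.append(os_cache.lookup(name, 60)[0])    # still NXDOMAIN: negative cache
    os_cache.flush()                             # local flush only
    seen.append(os_cache.lookup(name, 61)[0])    # still NXDOMAIN: resolver's copy
    seen.append(os_cache.lookup(name, 300)[0])   # negative TTL expired: address
    zone.records[name] = ("192.0.2.20", 3600)    # record is changed
    seen.append(os_cache.lookup(name, 2000)[0])  # old address until TTL runs out
    seen.append(os_cache.lookup(name, 3900)[0])  # new address
    return seen

if __name__ == "__main__":
    print(demo())
```

Because each layer passes on only the remaining TTL, the OS cache never holds an answer longer than the resolver that supplied it.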