DNS Caching in Linux



DNS is the backbone of modern Internet infrastructure. DNS stands for Domain Name System, a system that translates domain names into IP addresses.

There are different types of DNS queries and a hierarchy of DNS servers that resolve them. Like any query, a DNS query introduces some latency, which can affect application performance and end-user satisfaction if the delay adds up significantly.

What is DNS Caching?

DNS caching is a critical mechanism that improves network performance and reduces unnecessary network traffic. By storing previously resolved domain names locally, DNS cache helps speed up web browsing, network applications, and overall system responsiveness.

DNS caching is the temporary storage of DNS query results on a local machine. When you request a domain name (like www.tutorialspoint.com), the DNS resolver first checks the local cache before querying external DNS servers. This process significantly reduces lookup times and network bandwidth consumption.

DNS Caching in Linux

Linux has multiple tools that provide DNS caching. We'll discuss some of them below.

nscd (Name Service Cache Daemon)

nscd is a traditional caching service that provides caching for various name services, including DNS. It caches hostnames, IP addresses, user and group information. nscd can speed up consecutive DNS access locally and increase overall system performance.

To install nscd, use one of the commands below, depending on your Linux distribution:

# On Debian/Ubuntu
$ sudo apt-get install nscd

# On CentOS/RHEL
$ sudo dnf install nscd

You can print the current statistics for the nscd service using the -g flag:

$ sudo nscd -g


To clear nscd's hosts cache table, you can use the -i or --invalidate flag as shown in the commands below:

$ sudo nscd -i hosts

OR

$ sudo nscd --invalidate=hosts

systemd-resolved

Modern Linux distributions using systemd incorporate a built-in DNS caching mechanism through systemd-resolved. This service provides local DNS caching, DNSSEC validation, split DNS configuration and multicast DNS support.

It comes installed by default on Debian/Ubuntu-based Linux distributions as a systemd service. It makes /etc/resolv.conf a symlink to /run/systemd/resolve/stub-resolv.conf, which connects local clients to the internal DNS stub resolver of systemd-resolved.
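The check below is an added example, not part of the original article: a shell function that reports whether a resolv.conf file really sends lookups through the systemd-resolved stub described above. The function name and result labels are this example's own, and 127.0.0.53 is assumed as the stub listener address (the systemd default).

```shell
#!/bin/sh
# Added example (not from the original article): classify how a resolv.conf
# file routes lookups relative to the systemd-resolved stub resolver.
# Assumption: 127.0.0.53 is the stub listener address (the systemd default).

resolver_mode() {
    rm_conf=${1:-/etc/resolv.conf}
    [ -r "$rm_conf" ] || { echo "unreadable"; return 1; }

    # Resolve the symlink chain to see which file is really being read.
    rm_target=$(readlink -f "$rm_conf")

    # Keep only "nameserver <addr>" lines; comments and options are ignored.
    rm_servers=$(awk '$1 == "nameserver" { print $2 }' "$rm_conf")
    [ -n "$rm_servers" ] || { echo "no-nameserver"; return 1; }

    rm_stub=0; rm_other=0
    for rm_s in $rm_servers; do
        case $rm_s in
            127.0.0.53) rm_stub=1 ;;
            *)          rm_other=1 ;;
        esac
    done

    case $rm_target in
        */systemd/resolve/stub-resolv.conf) rm_linked=1 ;;
        *)                                  rm_linked=0 ;;
    esac

    if [ "$rm_stub" = 1 ] && [ "$rm_other" = 1 ]; then
        echo "mixed"        # a second server can answer without the local cache
    elif [ "$rm_stub" = 1 ] && [ "$rm_linked" = 1 ]; then
        echo "stub"         # managed symlink, every lookup goes through the cache
    elif [ "$rm_stub" = 1 ]; then
        echo "stub-static"  # right address, but a hand-written file that can drift
    else
        echo "no-stub"      # lookups go to servers other than the stub
    fi
}

# Report on the live system when run directly.
resolver_mode /etc/resolv.conf || true
```

A result of "mixed" or "no-stub" means some or all lookups can be answered without passing through the local cache and its DNSSEC validation.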

You can check the status of the systemd-resolved service using the status sub-command of resolvectl, as shown below:

$ resolvectl status


Statistics for the systemd-resolved service can be checked using the statistics sub-command of resolvectl:

$ resolvectl statistics

The output of the above command shows a summary of transactions and cache for the systemd-resolved service.


The current cache of systemd-resolved can be flushed with the flush-caches sub-command:

$ resolvectl flush-caches

This flushes all DNS resource record caches which the service maintains locally.

Dnsmasq

Dnsmasq is a lightweight DNS forwarder and cache that can be used in both desktop and server environments. Its key features include local DNS caching, a DHCP server, a TFTP server and minimal resource consumption. It aims for a minimal memory footprint, which allows it to be used on resource-constrained systems.

Dnsmasq accepts DNS queries and either answers them from a small local cache or forwards them to a real recursive DNS server. It also reads /etc/hosts, so that local hostnames which do not appear in the global DNS can be resolved, and it answers DNS queries for DHCP-configured hosts.

To install dnsmasq, you can use one of the below commands, based on your Linux distribution type:

# On Debian/Ubuntu
$ sudo apt-get install dnsmasq

# On CentOS/RHEL
$ sudo dnf install dnsmasq

Its main configuration is stored in /etc/dnsmasq.conf. The /etc/resolv.dnsmasq file holds the IP addresses of the upstream DNS servers to which the dnsmasq service forwards queries and from which it caches replies.
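The following added example, not part of the original article, lists the upstream resolvers that a standalone dnsmasq cache forwards to, by reading the resolv-file, no-resolv and server options from one configuration file. The function name, the output labels and the optional directory-prefix argument are assumptions of this example, and included files (conf-file, conf-dir) are not followed.

```shell
#!/bin/sh
# Added example (not from the original article): list the upstream resolvers
# a standalone dnsmasq cache forwards to, based on one configuration file.
# Assumptions: conf-file=/conf-dir= includes are not followed, and the optional
# second argument is a directory prefix for inspecting a copied file tree.

dnsmasq_upstreams() {
    du_conf=${1:-/etc/dnsmasq.conf}
    du_root=${2:-}
    [ -r "$du_conf" ] || { echo "unreadable $du_conf"; return 1; }

    # Drop comments, whitespace and empty lines so "key = value" also matches.
    du_clean=$(sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' "$du_conf")

    # server=ADDR is a fixed upstream; server=/domain/ADDR applies per domain.
    printf '%s\n' "$du_clean" | sed -n 's/^server=/server /p'

    # With no-resolv, dnsmasq reads no resolv file and uses only server= lines.
    if printf '%s\n' "$du_clean" | grep -qx 'no-resolv'; then
        return 0
    fi

    # resolv-file=PATH replaces the default /etc/resolv.conf as upstream list.
    du_file=$(printf '%s\n' "$du_clean" | sed -n 's/^resolv-file=//p' | tail -n 1)
    du_file=${du_file:-/etc/resolv.conf}
    if [ -r "$du_root$du_file" ]; then
        awk -v f="$du_file" '$1 == "nameserver" { print "resolv-file " f " " $2 }' \
            "$du_root$du_file"
    else
        echo "missing $du_file"
    fi
}
```

Every address it prints is a server whose answers end up in the local cache, so the list is worth comparing against the resolvers you intend to trust.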

dnsmasq with NetworkManager

If you want to use dnsmasq with the NetworkManager service, configure it as follows:

Create a /etc/NetworkManager/conf.d/dns.conf file, configuring NetworkManager to enable DNS caching via dnsmasq:

[main]
dns=dnsmasq

Then, restart the NetworkManager service:

$ sudo systemctl restart NetworkManager

Verify that NetworkManager started properly and is using dnsmasq with the command below:

$ sudo systemctl status NetworkManager

The status must be loaded/active and the command /usr/sbin/dnsmasq must be running.

Additional dnsmasq configuration can be placed into the following directory: /etc/NetworkManager/dnsmasq.d.

Conclusion

DNS caching is a crucial optimization technique used at multiple levels from browsers to operating systems. By understanding and effectively managing DNS cache, you can significantly improve network performance, reduce latency, and optimize system resources.

In this article, we have discussed multiple tools that provide DNS caching on Linux. Understanding these tools and their management commands helps system administrators maintain efficient DNS resolution systems.

Updated on: 2025-01-02T09:51:38+05:30
