{ "@context": "https://schema.org", "@type": "DefinedTerm", "@id": "https://hostdir.net/glossary/dns-caching", "name": "DNS Caching", "description": "DNS caching stores resolved domain name query results for the specified TTL duration to avoid repeated queries to upstream authoritative servers.", "url": "https://hostdir.net/glossary/dns-caching", "inDefinedTermSet": "https://hostdir.net/glossary", "termCode": "dns-caching", "mainEntityOfPage": "https://hostdir.net/glossary/dns-caching", "license": "https://creativecommons.org/licenses/by/4.0/", "_hostdir": { "kind": "glossary-term", "slug": "dns-caching", "canonical": "https://hostdir.net/glossary/dns-caching", "term": "DNS Caching", "category": "DNS", "category_slug": "dns", "summary": "DNS caching stores resolved domain name query results for the specified TTL duration to avoid repeated queries to upstream authoritative servers.", "definition": "DNS caching is a mechanism where DNS query results are stored locally or on an intermediate resolver for a limited period, defined by the time-to-live (TTL) value in the DNS resource record. This reduces the need to resolve the same domain name again from authoritative servers, cutting latency and network traffic.\n\nWhen a DNS resolver receives a query response, it places that record into its cache along with the TTL received. For subsequent queries for the same domain within the TTL window, the resolver returns the cached answer without contacting upstream servers. The resolver discards the record when the TTL expires. Caches are used at every level: the operating system stub resolver, the local network resolver (often running on a router), the ISP's recursive resolver, and sometimes within browsers and applications.\n\nDNS caching is critical to scaling the internet's naming system. Without it, every DNS request would travel the full hierarchy from stub resolver to root nameserver to TLD to authoritative server. Caching reduces that path to a single local lookup for most queries. However, it introduces possible staleness: if a domain changes its IP address, cached records remain until TTL expiry. Short TTLs (e.g., 60 seconds) minimize staleness but reduce caching benefits; long TTLs (e.g., 86400 seconds) maximize performance but slow propagation of changes. DNS cache poisoning is a known class of attack where an attacker causes a resolver to cache a forged record, redirecting traffic until the cache flushes.", "examples": "When a user visits example.com, the stub resolver checks the OS cache. If not found, it asks the recursive resolver (e.g., 8.8.8.8). That resolver likely has the A record cached from a prior request, so it returns the IP instantly without querying the .com TLD or the example.com authoritative server. This cached response is typically under 5 ms.", "key_facts": [ "Records are stored for the duration of the TTL returned in the DNS response.", "Cache exists on stub resolvers (OS), recursive resolvers (ISP, public DNS), and browsers.", "Stale caching can delay visibility of DNS updates (e.g., server migration).", "Cache poisoning attacks exploit weak validation in older resolver implementations.", "DNS flush commands (ipconfig/flushdns, systemd-resolve --flush-caches) clear the local cache." ], "related_terms": [ "DNS Resolver", "Time To Live (TTL)", "Recursive DNS Query", "Stub Resolver", "DNS Cache Poisoning", "Negative Caching" ], "references": [ { "title": "RFC 1035: Domain Names - Implementation and Specification", "url": "https://datatracker.ietf.org/doc/html/rfc1035" }, { "title": "RFC 2308: Negative Caching of DNS Queries (DNS NCACHE)", "url": "https://datatracker.ietf.org/doc/html/rfc2308" }, { "title": "IANA: DNS Parameters", "url": "https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml" } ], "word_count": 247, "license": "CC BY 4.0", "license_url": "https://creativecommons.org/licenses/by/4.0/", "attribution": "HostDir Glossary — https://hostdir.net/glossary/dns-caching" } }