DNS flush is not working

solaris_1977 · July 6, 2012, 1:15pm

I have a Linux machine and it seems DNS cache is not getting clear on it. It is still showing old values, even after changing in DNS server by Network team. I did

/etc/init.d/nscd restart

But still it is showing old values on this server.
On my rest of servers in environment, nslookup is showing updated value, so problem is only with this server.
Please advice.

otheus · July 6, 2012, 1:54pm

Contrary to the misleading service name, nscd is not really a caching service for DNS. (It caches names resolved via services indicated via nsswitch.conf, including names in /etc/hosts.) First, tell us the "hosts:" entry in /etc/nsswitch.conf. Second, guve us your /etc/resolv.conf file. The first host entry in that file is the most likely origin of your bad DNS entries. If that IP *is* the same host, then tell us which service is running on port 53 ("netstat -anp | grep :53")

solaris_1977 · July 6, 2012, 2:22pm

Hi,
Here is the required output -->

root@tldb4t01:~> cat /etc/nsswitch.conf | grep hosts
hosts:          files dns
root@tldb4t01:~> cat /etc/resolv.conf
nameserver 10.63.36.50
nameserver 10.63.36.69
nameserver 10.53.36.17
search tms.toyota.com toyota.com
root@tldb4t01:~> netstat -anp | grep :53
tcp        0      0 10.63.168.17:53         0.0.0.0:*               LISTEN      54403/named
tcp        0      0 10.63.36.227:53         0.0.0.0:*               LISTEN      54403/named
tcp        0      0 10.41.179.106:53        0.0.0.0:*               LISTEN      54403/named
tcp        0      0 127.0.0.2:53            0.0.0.0:*               LISTEN      54403/named
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      54403/named
tcp        0      0 127.0.0.1:53620         127.0.0.1:27074         ESTABLISHED 24216/cvd
tcp        0      0 127.0.0.1:27074         127.0.0.1:53620         ESTABLISHED 24216/cvd
tcp        0      0 :::53                   :::*                    LISTEN      54403/named
udp        0      0 10.63.168.17:53         0.0.0.0:*                           54403/named
udp        0      0 10.63.36.227:53         0.0.0.0:*                           54403/named
udp        0      0 10.41.179.106:53        0.0.0.0:*                           54403/named
udp        0      0 127.0.0.2:53            0.0.0.0:*                           54403/named
udp        0      0 127.0.0.1:53            0.0.0.0:*                           54403/named
udp        0      0 :::53                   :::*                                54403/named
root@tldb4t01:~>

otheus · July 6, 2012, 2:37pm

So I take it this server has one of the IPs listed in resolv.conf?

Assuming that is the case, the problem is that this host is a dns server running "named". Named can run in one (or more) of several modes :

DNS master - holds the master copy of all hosts and objects it resolves
DnS slave - holds a copy which it regularly fetches from the master
DNS resolver & cache - resolves and caches answers from anither DNS server - this is called "forwarding".

What is your intention for this service?

solaris_1977 · July 6, 2012, 3:31pm

This server is a client (Not DNS Server/Slave). Network team has made changes on DNS Server and DNS Slave, thats why when we do

nslookup tldb4t-scan

from any of other server in my environment, output is updated one. But only from this server, it is still showing old values.
Is this making things clear to you ?

otheus · July 6, 2012, 4:20pm

Remove this servers' IP addresses from resolv.conf, and further, stop and disable the named service on it. After this, your host will use only the master and slave DNS servers and so should always be accurate.

(If for some reason this presents a peformance issue, then we will look at creating a proper dns caching-resolver on this server.)

solaris_1977 · July 6, 2012, 5:39pm

I am able to get it now. Thanks a lot

jideck · July 19, 2012, 3:19am

tip before empty anything do
Force DNS server to flush DNS data to zone file
dnscmd /zonewriteback zonename