How do I flush or delete incorrect records from my recursive server cache?
August 18, 2020 at 11:48 am
Sometimes a recursive server may have incorrect records in its cache. These may be as a result of an error made by a zone administrator, or as a result of a deliberately engineered cache poisoning attack.
To identify the faulty records, dump the cache and inspect it:
rndc dumpdb -all
grep problem.domain /var/named/data/cache_dump.db
(The location of cache_dump.db depends on the dump-file option in your named configuration)
Or you may be able to identify which records are incorrect by querying your server directly, with recursion disabled so that you see only what is already cached:
dig +norec @<ip address of nameserver> <name> <type>
How to solve the problem?
Flush the cache for a specific name
rndc flushname name
- Use the name of a domain if there are problems with the NS or MX records associated with it.
- Use the server name, if there are problems with the addresses associated with that server name (for example a nameserver, a webserver or a mailserver).
Flush the cache for a specific name as well as all records below that name
rndc flushtree name
- This will clear the cache, but it will not clear any names out of the ADB (the address database in which named keeps the addresses of authoritative servers it has learned), so it may not be sufficient for some needs.
If you are not sure where the problem lies, or there are too many records to delete them individually, then you might prefer to flush the entire named cache:
rndc flush && rndc reload
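The steps above (dump the cache, look for the suspect name, then pick flushname or flushtree) put together as an added example; this is not code from the original post. It writes a constructed cache-dump excerpt to a temporary file instead of calling rndc dumpdb, the function names (cached_records, count_exact, count_below, suggest_flush) are this example's own, and the rule it applies (suggest flushtree whenever names below the suspect name are also cached, flushname otherwise) is an assumption for illustration, not a rule stated by the post. It only prints the rndc command so the operator can review it before running it.

```shell
#!/bin/sh
# Added example, not from the original post: inspect a BIND cache dump for a
# name and build the matching rndc flush command.

# Constructed excerpt in the master-file style named writes to cache_dump.db.
# On a real server you would use the file produced by `rndc dumpdb -all`.
DUMP_FILE="${DUMP_FILE:-/tmp/cache_dump_example.db}"
cat > "$DUMP_FILE" <<'EOF'
;
; Cache dump of view '_default' (cache _default)
;
; example.test.
example.test.           3412    IN NS   ns1.example.test.
example.test.           3412    IN NS   ns2.example.test.
ns1.example.test.       3412    IN A    192.0.2.10
ns2.example.test.       3412    IN A    192.0.2.11
www.example.test.       120     IN A    192.0.2.80
other.test.             600     IN A    198.51.100.5
EOF

# cached_records DUMPFILE NAME
# Print every cached record whose owner is NAME or lies below NAME.
# A trailing dot on NAME is optional; comment lines (';') are skipped.
cached_records() {
  name="${2%.}"
  awk -v n="$name" '
    $1 !~ /^;/ && NF >= 5 {
      if ($1 == (n "."))
        print
      else if (length($1) > length(n) + 1 &&
               substr($1, length($1) - length(n) - 1) == ("." n "."))
        print
    }' "$1"
}

# count_exact DUMPFILE NAME: number of cached records owned by NAME itself.
count_exact() {
  cached_records "$1" "$2" | awk -v n="${2%.}." '$1 == n' | wc -l | tr -d ' '
}

# count_below DUMPFILE NAME: number of cached records strictly below NAME.
count_below() {
  cached_records "$1" "$2" | awk -v n="${2%.}." '$1 != n' | wc -l | tr -d ' '
}

# suggest_flush DUMPFILE NAME
# Heuristic chosen for this example: if anything below NAME is cached too,
# suggest `rndc flushtree`, otherwise `rndc flushname`. The command is only
# printed; run it yourself once you have checked the records it would remove.
suggest_flush() {
  if [ "$(count_below "$1" "$2")" -gt 0 ]; then
    echo "rndc flushtree ${2%.}"
  else
    echo "rndc flushname ${2%.}"
  fi
}

# Usage: show what is cached for a name, then the suggested flush command.
echo "Cached records for example.test:"
cached_records "$DUMP_FILE" example.test
echo "Suggested: $(suggest_flush "$DUMP_FILE" example.test)"
```

Run it with DUMP_FILE pointing at your real dump (and the heredoc removed) to list what named has cached under a name before deciding how much to flush; grepping the dump directly, as in the post, also works, but the awk match avoids picking up names that merely contain the suspect string.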
Entry filed under: DNS and Bind. Tags: bind, flush, resolver cache, rndc.