Flush DNS cache in Ubuntu

According to quite a few users on Stack Exchange, Ubuntu doesn’t cache DNS queries, but I got into an awkward situation where I couldn’t hit an internal server because my installation was convinced my internal server was being hosted on an external IP. 

It wasn’t entirely incorrect, because the server is (sometimes) available externally, but it’s only as needed. I have a few web serviced that need to be reached from outside and although I could use different ports, for ease, I just change the rules according to what service I want to use that day. I know, it’s very awkward and all I really need to do is set up a reverse proxy, but I am yet to get that done. It’s on “the list”! lol

I am using pfsense and the way I have it set up, the services I develop on need to resolve internally and externally. That means when I type https://subdomain.example.com/ and I am inside my network, I need it to resolve to (for example), but when I am not on the network I need it to resolve to my public IP address.

pfsense handles this perfectly.

What I didn’t realise, is that because I mis-configured something, enquiries locally were hitting my public IP address and being hosted that way. Meaning, my DNS request was being directed to my external IP address instead of my internal one. When I changed the order of the rules to allow a different service access to the HTTPS port, I could no longer access my original service. 

Long story, short: my internal server was being accessed by my computer via the public IP address instead of the internal one. 

I fixed the entries in the firewall and now if I did nslookups and digs on the URL, the correct internal IP was being returned. 


But it didn’t work. I still couldn’t access the service I needed, because Ubuntu was still accessing it from the external IP address.

Not Cool!

I restarted the resolver in pfsense in case for some reason it didn’t stick. But that wasn’t it. As I said, diging the firewall was returning the correct IP address, but pinging it was returning the external one. This took some time for me to work out that it was Ubuntu that had cached the URL, and it wasn’t the firewall that was now stopping me from accessing that page. 

Let me show you by example:

subdomain2.example.url (all URLs and IP addresses have been changed to protect the innocent) is responding with an internal IP address.

dave@home:~$ dig subdomain2.example.url

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> subdomain2.example.url
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63440
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 65494
;subdomain2.example.url.			IN	A

subdomain2.example.url.		1655	IN	A

;; Query time: 0 msec
;; WHEN: Sun Aug 26 23:58:37 AEST 2018
;; MSG SIZE  rcvd: 57

subdomain1.example.url is returning a public IP address (that’s not desired).

dave@home:~$ dig subdomain1.example.url

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> subdomain1.example.url
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2906
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 65494
;subdomain1.example.url.		IN	A

subdomain1.example.url.	7112	IN	A

;; Query time: 0 msec
;; WHEN: Sun Aug 26 23:58:48 AEST 2018
;; MSG SIZE  rcvd: 61

I knew this wasn’t quite right, but I couldn’t work out exactly why. So I asked my router where it thought the domain belongs:

dave@home:~$ dig @ subdomain1.example.url

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @ subdomain1.example.url
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1846
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 4096
;subdomain1.example.url.		IN	A

subdomain1.example.url.	3600	IN	A

;; Query time: 0 msec
;; WHEN: Mon Aug 27 00:08:02 AEST 2018
;; MSG SIZE  rcvd: 61

As you can see, the router knows the correct internal IP address, but Ubuntu is getting it from somewhere else. 

dave@home:~$ dig subdomain1.example.url

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> subdomain1.example.url
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33482
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 65494
;subdomain1.example.url.		IN	A

subdomain1.example.url.	6551	IN	A

;; Query time: 0 msec
;; WHEN: Mon Aug 27 00:08:09 AEST 2018
;; MSG SIZE  rcvd: 61

Then when I googled and found the above referenced Stack Exchange post and most answers were saying Ubuntu does not cache the DNS request, I just got confused. Not being confident of what I was looking at, I didn’t understand that the server IP address ( was a loop back address for the DNS. I knew the port meant that it was a DNS, but I didn’t understand where it was being served from. Yes, I should have quickly realised it was only a loop back address, but I thought it was coming from the router (because of the DNS port entry).

hence my confusion. When I asked the router directly, it was reporting correct. But the computer was getting it from somewhere else.

And that TTL was killing me. I knew if I rebooted the computer it would more than likely fix the issue (it would have), but I had too many things open and I just didn’t want to go down that path. 

Eventually the light bulb turned on and I realised that Ubuntu simply must be caching it itself and I needed to identify the service and restart it. 

Scrolling right down the Stack post I found my answer. Although there’s several answers with differing methods of restarting the service, I went for the systemctl approach. 

sudo systemctl restart systemd-resolved.service

a ping and a dig confirms we’re good to go:

dave@redbox1804:~$ ping subdomain1.example.url
PING subdomain1.example.url ( 56(84) bytes of data.
64 bytes from ubology.dav3 ( icmp_seq=1 ttl=64 time=0.874 ms
64 bytes from ubology.dav3 ( icmp_seq=2 ttl=64 time=0.295 ms
64 bytes from ubology.dav3 ( icmp_seq=3 ttl=64 time=0.268 ms
--- subdomain1.example.url ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2006ms
rtt min/avg/max/mdev = 0.268/0.479/0.874/0.279 ms
dave@redbox1804:~$ dig subdomain1.example.url

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> subdomain1.example.url
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21571
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 65494
;subdomain1.example.url.		IN	A

subdomain1.example.url.	3589	IN	A

;; Query time: 0 msec
;; WHEN: Mon Aug 27 00:09:44 AEST 2018
;; MSG SIZE  rcvd: 61


Some other untested suggestions in the Stack post revolve around restarting the network manager, killing the process, flushing the cache using a command line switch (I probably should have tried that one, just out of curiosity), and restarting the service via init.d, and others. Posted for posterity and “next time” 

sudo service dns-clean
sudo service network-manager restart
sudo /etc/init.d/nscd restart
sudo kill -HUP $(pgrep dnsmasq)
sudo pkill -HUP $(pgrep dnsmasq)
sudo systemd-resolve --flush-caches
sudo systemctl restart systemd-resolved.service

Problem solved!

Now, for the next one:

I need to get a reverse proxy up and running. I did give it a go with squid, but I was obviously not getting something right. Further readings suggest HAProxy might be the way to go. That will probably be my next pfsense adventure.

Will this haircut still be in my head on Monday?

Will this haircut still be in my head on Monday?

Jason really likes his haircut. I think he’s afraid it’ll grow out before he gets to school. 

I convince him that it’ll still be there on Monday. 

Then Harry asks, “what about Tuesday?”

Yes, it’ll be there Tuesday buddy. 

We then went through the rest of the week. 

It might be a bit short for mum’s liking, but he loves it. That’s all that matters. 

A bit late

So many things about the iPhone are actually good or useful.

iOS reminders is not one of them!

Cleaning out the garage

Not that anyone would need a Windows 98SE product key, at least I hope not, but cleaning out the garage I came across this beast.

Each morning…

Each morning when I open my eyes I say to myself: I, not events, have the power to make me happy or unhappy today. I can choose which it shall be. Yesterday is dead, tomorrow hasn’t arrived yet. I have just one day, today, and I’m going to be happy in it

Groucho Marx

Window Tax and the Long S

This should have been two topics, but I just went with it.

  1. Window Tax
  2. The Long S

Window Tax

I happened across a YouTube video of an old house built in the UK. It looks as though the building was either of Georgian or Victorian periods, but upon going through the building, it’s likely that it was built in the late 1600’s given the bricking of several windows to avoid the Window Tax that existed in the UK between 1696 and 1851.

Everything is remarkable about this house from the limecrete floors through to the large beams throughout the house, as well as the utilisation of all space in the roof area. Not to forget the old doors. The YouTuber in this video is very fascinated by the doors. There’s a good reason to be when you consider they’re 400 plus years old.

If you haven’t followed the Window Tax link above, a brief history is outlined here:

  • Coin Clipping was a major problem in the 1600’s where it was considered high treason and punishable by death.
  • As a counter measure to coin clipping, King William III introduced a Window Tax in 1696.
  • To get around the tax many premises boarded up windows.
  • It was a varying rate depending on how many windows the premises had.
  • It was repealed in 1851 after pressure from doctors and others who argued that lack of light was a source of ill health.
  • The same tax was imposed in France in 1798 and only repealed in 1926!
  • The tax was designed to “tax the relative prosperity of the taxpayer, but without the controversy that surrounded the idea of income tax” (wiki).

The Long S

A couple of other side notes from this are detailed in the tax receipt below (click for a larger version):

I am reminded of a conversation I had with my grandmother many decades ago, we were talking about currency and she asked me “What does L.S.D. stand for?” I don’t think I had an idea of the drug at the time, but she continued with, “Pounds, shillings, and pence.” The abbreviation can be seen to the right of the receipt.

I am also reminded of some very early (pre Sydney Morning Herald) Sydney Gazette archival books we had at our school library in the 1980s. I remember reading though them being amazed at the language, but especially the type.

This one took some searching because I had mistakenly thought I was looking for archival Sydney Morning Herald material. It turns out I was looking for material from the Sydney Gazette. The first publication in Australia, running from 1803 to 1842. It was the official paper of the New South Wales government. Under the editorship of Robert Howe in 1824, it ceased to be censored by the colonial government. (This is pre-federation of the states in 1901).

When a non-capital ‘s’ was present in a word, not being the last letter, it was typed as a form of ‘f’.  The exact character varies according to being normalised or italics or even handwritten, but several forms are exhibited below. In normal text is appears as an “f” without the cross bar: “ſ”. In italics, it appeared more like the integral character of mathematics: “∫”

Examples: “ſinfulneſs” for “sinfulness” and “ſucceſsful” for “successful”.

It wasn’t until many years later with the advent of the internet, I found this to be what is known as the “Long S“, or in more modern times, the “short”, “terminal” or “round” s.

Here is the first page of the Sydney Gazette:

Some other examples from the Sydney Gazette and elsewhere from the Internet:


how to navigate an intersection

Lawlessness on the roads

I have long come to realise that Australia is a nanny state of rules and regulations. There’s a rule for just about everything, and I’m starting to realise this is beginning to hamper us when in reality these sort of things should be making our lives better. Safer.

After having spent a lot of time in Thailand and using Thai roads and the lawlessness that apparently goes with driving in Thailand, you can come to both appreciate the rules we have on one hand, but despise them at the same time.

There are times where (especially in the middle of the night) where you can seemingly spend an eternity at a set of traffic lights for no apparent reason. I have a set of traffic lights at the end of my street, and I have to admit, they are pretty speedy on letting traffic out of our street. You only have to stop there for a moment and the lights begin to change. This appears to be the case even if it has only just turned red. The wait is never very long.

Yet there are traffic lights where they seemingly take forever. What’s with that?

Why are there stop signs for turning left on roads where you can see the approaching traffic for half a kilometre?

Why are there red arrows against turning right when there’s no approaching traffic at all? This one can be especially infuriating.

Paris Traffic

I remember seeing a photograph of a classic Parisian roundabout when I was at school, and I remember thinking “How do they do it? It’s chaos! How does anyone not get killed?”

As a kid I couldn’t see it. As a young adult I couldn’t see it either. Our lives are built around a network of safety measures and molly coddling. Rules and regulations designed to give us a “right of way” and a feeling of security as well as entitlement.

It’s this entitlement that breeds complacency on the roads. A righteousness that forgoes common sense. Road rage built around “he just cut me off,” or “I have the right of way!”

But what if we took that entitlement away? What would happen then?

People speed through intersections because they feel “safe” in the knowledge that other traffic should be giving way to them. But what if other traffic didn’t have to give way?

What if we took away the very things that apparently made our roads safer?

One of my favourite presenters, “99% invisible” teams up with Vox and illustrate just how it’s done elsewhere and removes some of the “molly coddling.”

The originality of your design, depends on the obscurity of your source

The originality of your design, depends on the obscurity of your source


I don’t know where I originally found this, I had just come back to edit it and add a citation after updating my theme. In doing a search for this quote I only found references to it from my site. I can assure you I didn’t come up with it :)


Daylight Saving Time

According to this server

Thu, 20th Sep 2018, 14:04:27 AEST Australia/Sydney (1537416267)
This timezone is currently in standard time.
Standard time began on: Sun, 1st Apr 2018, 02:00:00 AEST
Daylight saving time begins on: Sun, 7th Oct 2018, 01:00:00 AEST
In Sun days, on Sunday morning at 03:00:00 (3:00 AM), the clocks need to be put back -60 minutes.

I have always thought there would have to be a programatic way of determining when daylight saving started and finished. I know that it’s an arbitrary date and it’s subject to change, but I knew there would be a way to somehow look it up.

I’ve been looking for this before and never really came across anything and even when looking at the date/time functions in php, and even though gettimezone retrieves the current timezone (including whether or not DST is currently in force or not), it didn’t do much to solve the “when does it start next” problem.

Then one day I was playing in the backend of a website and I noticed there was two lines of text under the timezone information that was intriguing:

DST Info

I opened up the trust text editor and went fishing inside the server.

Now, I’m pretty sure I’ve seen timezone_transitions_get before, but for whatever reason, something never clicked. It’s EXACTLY what I was looking for!

In the DateTimeClass there are a myriad of functions to do with what the offset from UTC is, what effect DST has on the timezone, is it in effect now, amongst others; including get_transitions. This returns all the DST transitions for the time zone, past and future.

The only caveat here is your version of php would have to be reasonably up-to-date in the event that a local government changes when DST will start and finish. and although that probably wouldn’t be too often, it’s something that still must be considered.

This snippet I’ve created here isn’t perfect, it’s just bits and pieces cobbled together and it does need a good cleaning out. However, I’ve included it here and it’s available to you if you’d like to use it under the MIT license.

add_shortcode('DST_Info', 'mad_dst_info');

function mad_dst_info(){
$r = "
table {
  border-collapse: collapse;
td {
  border: 2px solid black;
</style> \n"  ;

$day    = 1;
$month  = 1;
$year   = 2018;

$time = mktime(12,0,0,$month,$day,$year);

$time = gettimeofday(time(),true);
function _t1($arg) {
 return "  <tr><td colspan='2'> $arg </td></tr>\n";
function _t2($arg1, $arg2) {
 return "  <tr><td> $arg1 </td><td> $arg2 </td></tr>\n";

$my_format="D, jS M Y, H:i:s T ";

$current_offset = timezone_offset_get();
$tzstring = ini_get('date.timezone');
$tzstring = "Australia/Sydney";

$r .= "<table>";
	$r .= _t1("<h2>According to this server</h2>");
	$r .= _t2( date($my_format, time()) , "$tzstring (".time().")");

	$check_zone_info = true;

    // Set TZ so localtime works.
    $now = localtime(time(),true); /////////////////////////////time(), true);
    if ( $now['tm_isdst'] ){
		$r .= _t1("This timezone is currently in daylight saving time.");
    } else {
		$r .= _t1("This timezone is currently in standard time.");
    $allowed_zones = timezone_identifiers_list();

    if ( in_array( $tzstring, $allowed_zones) ) {
      $found = false;
      $date_time_zone_selected = new DateTimeZone($tzstring);
      $tz_offset = timezone_offset_get($date_time_zone_selected, date_create());
      $right_now = time(); /////////////////////////////////////////////time();
      foreach ( timezone_transitions_get($date_time_zone_selected) as $tr) {
        if ( $tr['ts'] > $right_now ) {
            $found = true;

        $tr_old = $tr;

      if ( $found && $tr['offset'] != "UTC") {

        $message = $tr_old['isdst'] ? 'Daylight saving time began on: ' : 'Standard time began on: ';
          $r .= _t2( "  $message ",date($my_format , $tr_old['ts'] + ( $tz_offset - $tr_old['offset'] )));

        $message = $tr['isdst'] ? 'Daylight saving time begins on: ' : 'Standard time begins on: ';
          $r .= _t2( "  $message ",date($my_format , $tr['ts'] + ( $tz_offset - $tr['offset'] )));
		$damxdaystogo = date("D" , $tr['ts']);
		$damdayofweek = date("l" , $tr['ts']);
		$damtimeofday = date("H:i:s (g:i A)" , $tr['ts']);
		$damadjustment = ($tz_offset - $tr['offset'])/60 ;
		$dambackforward = ($damadjustment < 0) ? "back" : "forward";
		$message = "In $damxdaystogo days, on $damdayofweek morning at $damtimeofday, the clocks need to be put <em>$dambackforward</em> $damadjustment minutes.";
		  $r .= _t1( "  $message ");
      } else {
        $r .= _t1( 'This timezone does not observe daylight saving time.' );

    // Set back to UTC.
	$r .=    "</table>";
  return $r;

You may notice several things:

  • the screenshot above is taken from the backend of WordPress 
  • that information in the backend of WordPress is actually incorrect (DST doesn’t begin at 1am for that timezone)
  • the code itself creates a shortcode for displaying the data
  • the code is the actual code used by this site
  • I have attempted to correct the the DST conversion that WordPress has in it, but I haven’t got it quite figured out (just yet)

Anyway, it’s a work in progress.