Flush DNS Cache for PowerShell and WSL

When using Windows 10+ in combination with WSL(2) (Windows Subsystem for Linux), you will probably stumble over some DNS resolution issues. For example, when you've changed the A record of a domain and then try to ping or dig that domain, you may still get the old IPs. This can be caused by cached DNS entries. Since WSL in the standard setup uses the host's (Windows) DNS, including its cache, you sometimes have to flush that cache in order to flush the DNS cache for both PowerShell and WSL.

Flush DNS Cache using PowerShell

To flush the local DNS cache using PowerShell, you have to run the shell as administrator. Afterwards you can run the following command to flush the DNS cache for PowerShell and WSL together:

PS> ipconfig /flushdns

To check whether it was successful, you can run:

PS> ipconfig /displaydns

This will give you a list of all existing entries in the local DNS cache.

Using another DNS in WSL

To prevent WSL from using the Windows host's DNS, you can change /etc/resolv.conf on Debian-like subsystems. You can uncomment generateResolvConf=false and set a DNS nameserver as shown in the following example (run sudo nano /etc/resolv.conf):

generateResolvConf = false

Afterwards you have to restart WSL, again from an administrative PowerShell. You can launch PowerShell as admin from within a standard PowerShell like this:

PS> Start-Process powershell -Verb runAs

In the admin shell you have to run PS> wsl.exe --shutdown to restart WSL and put the DNS changes into effect.


Keep in mind that network routers (a fritzbox, for example) and your ISP (Internet Service Provider) also have DNS caches that can keep old IP entries.
You can check which DNS delivers the wrong entry by using dig with the +trace flag in the WSL shell, e.g.:

$> dig +trace www.mydomain.tld

In the result you will see something like this:

; <<>> DiG 9.18.18-0ubuntu0.22.04.1-Ubuntu <<>> +trace www.mydomain.tld
;; global options: +cmd
fritz.box.              9       IN      SOA     fritz.box. admin.fritz.box. 1704802986 21600 1800 43200 10
;; Received 68 bytes from in 860 ms

You can see that the fritzbox is responsible for the DNS resolution.

$> dig a @fritz.box www.mydomain.tld

# or on PowerShell:

PS> Resolve-DnsName -Name www.mydomain.tld -Server fritz.box 

… finally shows you which DNS A record the fritzbox delivers. Then you can restart the fritzbox or just wait until the DNS cache expires.
You can use @ in the WSL shell or -Server in PowerShell to check whether the Google DNS has already picked up the changes.
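
The resolver-by-resolver check described above, as an added example that is not part of the original post: a small script for the WSL shell that asks each resolver for the A record with dig and marks the ones that still return something other than the expected address. The function names, the script name and the 203.0.113.10 address in the usage comment are assumptions chosen for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): find out which resolver still
# serves a stale A record after a DNS change.

# Print the A records that resolver $1 returns for name $2, sorted and
# comma-joined. CNAME targets printed by "dig +short" are filtered out.
# Prints nothing if the resolver gives no A record or does not answer.
query_a() {
    local resolver="$1" name="$2"
    dig +short +time=2 +tries=1 A "@${resolver}" "${name}" 2>/dev/null \
        | grep -E '^[0-9]+(\.[0-9]+){3}$' \
        | LC_ALL=C sort -u \
        | paste -sd, -
}

# $1 = name, $2 = expected A record(s) in the same sorted, comma-joined form,
# remaining arguments = resolvers to ask.
# Prints "<resolver> <OK|STALE|NOANSWER> <records or ->" per resolver and
# returns 1 if any resolver is STALE or gave no answer.
check_resolvers() {
    local name="$1" expected="$2" rc=0 resolver got status
    shift 2
    for resolver in "$@"; do
        got=$(query_a "$resolver" "$name")
        if [ -z "$got" ]; then
            status=NOANSWER; rc=1
        elif [ "$got" = "$expected" ]; then
            status=OK
        else
            status=STALE; rc=1
        fi
        printf '%s %s %s\n' "$resolver" "$status" "${got:--}"
    done
    return "$rc"
}

# Direct use (203.0.113.10 is a placeholder for the new address):
#   ./check_dns.sh www.mydomain.tld 203.0.113.10 fritz.box 8.8.8.8
if [ "$#" -ge 3 ]; then
    check_resolvers "$@"
fi
```

A resolver reported as STALE is the one whose cache has to expire or be flushed; NOANSWER means the resolver was unreachable or has no A record for the name.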
