
Clear DNS cache on vCSA 6.5 and later

As you may know, vCSA is now running on Photon OS.

If you are changing the IP address of one of your ESXi hosts, or adding a new ESXi host to your infrastructure, you may struggle with DNS caching.

You may find on the web that the solution is simply to run this command on your vCSA:

systemctl restart systemd-resolved.service

This worked on the first release of vCSA 6.5, but not anymore.

If you go further into the vCSA configuration, you will see these lines in /etc/resolv.conf:

nameserver 127.0.0.1
nameserver x.x.x.x
nameserver x.x.x.x

where x.x.x.x are your DNS servers. This configuration means that vCSA has a local DNS, thanks to “dnsmasq”.

To clear the local cache, you need to restart the dnsmasq service with this command:

systemctl restart dnsmasq

This will not have any side effects on your infrastructure.
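
To confirm that the local cache is what is serving the wrong address before restarting it, here is an added example that is not part of the original post: shell functions that read /etc/resolv.conf, find the loopback nameserver, and compare its answer with what each upstream DNS server returns. The function names and the host name in the usage comment are made up for illustration, and it assumes nslookup is available on the appliance.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.

# Print each nameserver address from a resolv.conf-style file, in order.
list_nameservers() {
    awk '$1 == "nameserver" && $2 != "" { print $2 }' "$1"
}

# Print the first loopback nameserver (the local cache), or nothing.
local_cache() {
    list_nameservers "$1" | grep -E '^(127\.|::1$)' | head -n 1
}

# Print the non-loopback (upstream) nameservers, one per line.
upstream_servers() {
    list_nameservers "$1" | grep -Ev '^(127\.|::1$)' || true
}

# Read nslookup output on stdin and print the answer addresses, sorted.
# The "Server:/Address:" header is skipped by waiting for the first "Name:" line.
parse_answers() {
    awk '/^Name:/ { seen = 1; next } seen && /^Address/ { print $NF }' | sort -u
}

# Compare the local cache's answer for a name with each upstream's answer.
# Needs nslookup and network access; returns 1 if any upstream disagrees.
check_name() {
    name=$1
    conf=${2:-/etc/resolv.conf}
    rc=0
    cache=$(local_cache "$conf")
    if [ -z "$cache" ]; then
        echo "no local caching resolver listed in $conf"
        return 0
    fi
    cached=$(nslookup "$name" "$cache" 2>/dev/null | parse_answers)
    for up in $(upstream_servers "$conf"); do
        direct=$(nslookup "$name" "$up" 2>/dev/null | parse_answers)
        if [ "$cached" != "$direct" ]; then
            echo "MISMATCH $name: cache=[$cached] $up=[$direct]"
            rc=1
        fi
    done
    [ "$rc" -eq 0 ] || echo "cache looks stale: systemctl restart dnsmasq"
    return "$rc"
}
# Usage (hypothetical host name): check_name esx02.lab.example
```

A mismatch is also reported when an upstream server does not answer at all, so read the printed addresses before deciding the cache is at fault.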

Feel free to leave a comment if you’re still struggling with DNS on your vCSA.


6 Comments

    • Reply Florian Casse |

      Hello,

      I don’t have the answer right now. I’ll do my best to find it.

      See you

  • Reply AJ Touchstone |

    VMware vCenter Server Appliance 6.7.0.10000. The command systemctl restart dnsmasq gives the following result:

    Failed to restart dnsmasq.service: The name org.freedesktop.PolicyKit1 was not provided by any .service files

    Any suggestions?

  • Reply Mark |

    @AJ I had the same thing – you have to be in as root, just shell’d into the appliance isn’t enough always. Log in, get to shell, run “su”, then enter shell again, then you should be good to go.

  • Reply DanMan32 |

    Excellent! I wish I had run nslookup on the VCSA first thing when vCenter lost connection to my 2nd host which gave me weird errors trying to reconnect. I had found a 2nd A record with iDrac IP in my AD DNS. I removed it and verified everything else resolved to the correct IP but VCSA still stuck with trying to use the wrong IP!

    After running this command, NSLookup verified the host now resolved to only the one IP.
    I could have saved the trouble of regenerating the cert on the host, removing the host from vCenter and all other troubleshooting steps.
