Flush Network Caches

You've just installed a new hardware firewall with the same IP as one that's being replaced. Your routers can all see it, but traffic from your Macs seems to just disappear. Or you've renamed a series of servers the whole company uses, and the Macs can only find them by IP now. You know you can just reboot the problem machines, like you'd power-cycle an unmanaged switch, but that solution is impractical during business hours (and time-consuming on nights or weekends). How can you force a couple hundred Macintosh computers to update their network caches?

The ARP (Address Resolution Protocol) and DNS (Domain Name System) caches are very different, but they serve very similar purposes. ARP tables hold the information mapping Ethernet MAC addresses (0a:1f:b5:c0:8e:4a) to network IPs (192.168.0.75), while DNS servers translate fully qualified domain names (like router.makemacwork.com) into IP addresses. Both types of information are cached to make subsequent lookups faster, but when changes take place on your network it's hard to predict when that information will get updated.

Fortunately, it's trivial to flush these caches on the Macintosh command line, and those commands can be sent to hundreds or even thousands of machines at once using Apple Remote Desktop's "Send Unix Command..." function.

On individual machines, you can clear the ARP cache by opening the Terminal and typing:

sudo arp -d -a

The DNS cache (along with all Directory Services caches) can be reset by typing:

sudo dscacheutil -flushcache

If you're sending the commands out with Apple Remote Desktop, leave out sudo and instead be sure to set the "Run command as" user to "root".

That's all it takes to force your Macs to fetch new routing and domain information, without ever having to interrupt the people working on them.
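For the firewall-swap case above, it is worth confirming after the flush that the Mac has cached the new device's MAC rather than a stale or unexpected one. The script below is an added example, not part of the original article: the function names are hypothetical, the sample `arp -an` output is constructed, and it assumes the macOS habit of printing MAC octets without leading zeros.

```shell
#!/bin/sh
# Added example: verify an ARP entry after flushing the caches.
# Run as root (or via ARD with "Run command as" set to root).

# Normalize a MAC: lowercase, each octet zero-padded to two digits
# (macOS prints a:1f:... where other tools print 0a:1f:...).
normalize_mac() {
    printf '%s\n' "$1" | tr 'A-F' 'a-f' | awk -F: '{
        out = ""
        for (i = 1; i <= NF; i++)
            out = out (i > 1 ? ":" : "") (length($i) == 1 ? "0" $i : $i)
        print out
    }'
}

# Read `arp -an` style lines on stdin; print the cached MAC for IP $1.
# Prints nothing if the IP is absent or its entry is still (incomplete).
cached_mac() {
    awk -v ip="($1)" '$2 == ip && $4 != "(incomplete)" { print $4; exit }'
}

# Succeed if the MAC cached for IP $1 (arp text on stdin) equals MAC $2.
arp_entry_matches() {
    found=$(cached_mac "$1")
    [ -n "$found" ] && [ "$(normalize_mac "$found")" = "$(normalize_mac "$2")" ]
}

# Constructed sample of macOS `arp -an` output for offline checking.
SAMPLE_ARP='? (192.168.0.1) at a:1f:b5:c0:8e:4a on en0 ifscope [ethernet]
? (192.168.0.75) at (incomplete) on en0 ifscope [ethernet]'

# Live use: flush both caches, repopulate the entry, then verify it.
# $1 = device IP, $2 = MAC printed on the new hardware (your values).
flush_and_verify() {
    arp -d -a >/dev/null 2>&1
    dscacheutil -flushcache
    ping -c 1 "$1" >/dev/null 2>&1   # triggers a fresh ARP request
    if arp -an | arp_entry_matches "$1" "$2"; then
        echo "OK: $1 is at $2"
    else
        echo "MISMATCH: $1 -> $(arp -an | cached_mac "$1")"
        return 1
    fi
}
```

Append a call such as `flush_and_verify <ip> <mac>` with your own values before sending it out; a MISMATCH line in the Apple Remote Desktop results identifies machines that still hold the old entry or are seeing a different device answer for that IP.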