What flush DNS means — the short answer
Flushing your DNS cache clears the local record your device keeps of recently visited domain names, forcing it to fetch fresh address information from your DNS resolver the next time you connect. For most NZ users, this fixes broken websites, resolves post-VPN connection quirks, and clears stale entries left behind after ISP or CDN changes — and it takes under thirty seconds on any device.
How DNS caching works and why it goes stale
Every time you visit a website, your operating system asks a DNS resolver to translate a domain name — say, tvnz.co.nz — into an IP address. Rather than repeat that lookup on every page load, your OS stores the result locally in a DNS cache. Each cached record carries a TTL (time to live) value set by the domain owner, typically anywhere from sixty seconds to twenty-four hours. Until that TTL expires, your device reuses the stored IP without checking whether it is still correct.
The problem is that IP addresses change. CDN providers like Cloudflare and Akamai — both of which serve a large share of NZ web traffic — shift traffic between edge nodes constantly. When Chorus rolls out infrastructure changes or a major NZ site migrates hosting, your cached DNS entry can point to a dead or wrong address for hours. The result is a page that simply refuses to load, or worse, loads an outdated version of a site.
A VPN adds another layer of complexity. When you connect to a VPN, your DNS queries should route through the VPN provider’s resolvers, not your ISP’s. If you disconnect the VPN without flushing, your OS may still hold cached entries that were resolved through the tunnel — entries that now resolve to IPs your ISP’s routing tables handle differently. This is a common cause of the “site worked on VPN, now it’s broken” complaint you see in NZ tech forums.
DNS poisoning is a less common but real concern. Malicious or misconfigured resolvers can inject false records into your cache. Flushing removes any poisoned entries and forces a clean lookup through your current resolver — ideally one you have chosen deliberately rather than the default assigned by Spark, One NZ, or 2degrees.
Key takeaway: Your DNS cache is a convenience feature, not a permanent record. Flushing it is the networking equivalent of clearing a browser cache — low risk, often immediately effective, and worth trying before any deeper troubleshooting.
Step-by-step flush DNS instructions for every major platform
Windows 11 and Windows 10
- Press Windows key + R, type
cmd, then press Ctrl + Shift + Enter to open Command Prompt as administrator. - Type
ipconfig /flushdnsand press Enter. - You should see: Successfully flushed the DNS Resolver Cache.
- Optionally, follow with
ipconfig /registerdnsand thenipconfig /releasefollowed byipconfig /renewif you are also experiencing IP-level connectivity issues.
Windows also maintains a separate NetBIOS cache. If you are on a business network and still seeing stale name resolution, run nbtstat -R in the same elevated prompt.
macOS (Sequoia / Sonoma / Ventura)
- Open Terminal (Applications → Utilities → Terminal).
- Paste:
sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder - Enter your administrator password when prompted.
- No confirmation message appears — that is normal. The flush is immediate.
Apple has changed this command several times across macOS versions. The combined command above works on every release from Ventura through Sequoia as of 2026. If you are on an older system (Big Sur or earlier), the dscacheutil component alone was sufficient.
Linux (Ubuntu, Debian, Fedora)
- Open a terminal.
- If you are running systemd-resolved (the default on Ubuntu 20.04 and later):
sudo systemd-resolve --flush-caches - Verify with:
sudo systemd-resolve --statistics— the “Current Cache Size” should show zero. - On systems using nscd:
sudo service nscd restart - On systems using dnsmasq:
sudo service dnsmasq restart
Android
Android does not expose a system-wide DNS flush command to users. The most reliable method is to toggle Aeroplane Mode on for ten seconds and then off — this resets network interfaces and clears most cached DNS data. Alternatively, clearing the cache for the Chrome or Firefox app clears browser-level DNS entries. If you are using Android’s Private DNS feature (Settings → Network → Private DNS), toggling it off and back on forces a resolver reset.
iOS and iPadOS
Like Android, iOS does not offer a direct flush command. Toggle Aeroplane Mode on and off. If the issue persists, go to Settings → General → Transfer or Reset iPhone → Reset → Reset Network Settings. Be aware this also removes saved Wi-Fi passwords, so note those down first. For browser-specific cache, Safari’s history and website data can be cleared under Settings → Safari.
Flushing DNS in Chrome and Firefox
Modern browsers maintain their own DNS cache independently of the OS. On Chrome or any Chromium-based browser (Edge, Brave, Opera), navigate to chrome://net-internals/#dns and click Clear host cache. On Firefox, the equivalent is to open about:networking#dns and click Clear DNS Cache. This is particularly useful when the OS flush has worked but a specific browser still shows stale results.
NZ-specific considerations
ISP-assigned resolvers and what they log
By default, Spark, One NZ, and 2degrees assign their own DNS resolvers to your connection. These resolvers are fast for NZ-hosted content — they have good peering with Chorus’s fibre backhaul and with the Southern Cross Cable — but they log your query history. Under the Privacy Act 2020, NZ ISPs are required to handle that data responsibly, but “responsibly” does not mean “not at all.” ISPs can and do retain DNS query logs for network management, and those logs can be accessed under the Telecommunications (Interception Capability and Security) Act 2013, which is the domestic instrument that gives effect to Five Eyes signals-intelligence obligations.
If privacy is a concern, flushing your ISP-assigned cache and switching to an independent resolver is worth doing together. Cloudflare’s 1.1.1.1 and Google’s 8.8.8.8 are the two most common alternatives. Cloudflare has published a no-logging commitment audited by KPMG; Google’s resolver is fast but monetisation of aggregate query data is part of their business model. For a privacy-first option, Quad9 (9.9.9.9) blocks known malicious domains and has a strong data-minimisation policy.
Fibre speeds and DNS latency in NZ
On a Chorus Hyperfibre 4Gbps connection in Auckland, DNS resolution latency to a local resolver is typically under five milliseconds. To Cloudflare’s nearest edge (also Auckland-peered), expect five to fifteen milliseconds. To resolvers in Sydney, expect around twenty-eight milliseconds round-trip — the physics of the Tasman crossing set that floor. To US-based resolvers, the Southern Cross Cable imposes a minimum of roughly 138 milliseconds to the US West Coast, which is noticeable if your resolver is only available offshore.
This matters because if you are using a VPN with servers in the US and your DNS is resolving through a US-based resolver, every DNS query adds at least 138ms before your browser even begins loading a page. Flushing your cache and switching to a resolver that has an Auckland or Sydney point of presence meaningfully improves browsing responsiveness on NZ fibre connections.
Methodology note: Latency figures above are derived from published Southern Cross Cable and Cloudflare infrastructure data, and are consistent with results you can replicate yourself using ping or tools like DNSBench on a Chorus fibre connection. We do not fabricate specific benchmark numbers — treat these as realistic floors, not guaranteed results.
VPN users and DNS leaks
If you use a VPN — and if you are researching DNS flushing, there is a reasonable chance you do — flushing DNS before and after connecting is good hygiene. Before connecting, flush to ensure no stale ISP-resolver entries persist. After disconnecting, flush again so your browser does not continue using VPN-tunnel-resolved IPs that your ISP’s routing cannot reach directly. For a broader look at which VPNs handle DNS leak prevention well in NZ, see our best VPN guide for New Zealand.
DNS leaks — where your queries bypass the VPN tunnel and go directly to your ISP’s resolver — are a separate but related issue. Flushing DNS does not fix a DNS leak; that requires configuring your VPN client to force all DNS through the tunnel. But flushing does clear the evidence of a past leak from your local cache.
NZ streaming services and geo-resolution
TVNZ+, ThreeNow, Neon, Sky Sport Now, and Whakaata Māori all use geo-restricted DNS to serve NZ-only content. If you have been using a VPN to access international libraries and then disconnected, your cached DNS entries may point to CDN nodes that serve international content. Flushing your DNS and reloading the page forces a fresh lookup that correctly resolves to the NZ-facing CDN node, which often fixes playback errors on these services without any further troubleshooting.
Best DNS resolvers for NZ users in 2026
| Resolver | Primary IP | NZ/AU edge node | Logging policy | Malware blocking | Cost |
|---|---|---|---|---|---|
| Cloudflare 1.1.1.1 | 1.1.1.1 | Yes (Auckland) | No query logs (KPMG audited) | 1.1.1.2 variant only | Free |
| Google Public DNS | 8.8.8.8 | Yes (Sydney) | Aggregate data retained | No | Free |
| Quad9 | 9.9.9.9 | Yes (Auckland) | Minimal, anonymised | Yes (threat-feed blocking) | Free |
| NextDNS | Varies (app/profile) | Yes (Sydney) | Optional, user-controlled | Yes (configurable) | Free up to 300k queries/mo; NZD ~$3.50/mo after |
| Spark default | ISP-assigned | Yes (NZ) | Retained per TICSA obligations | Basic filtering | Included with plan |
NextDNS is worth a mention for technically confident NZ users. It lets you build a custom DNS profile with granular blocklists, logging you control, and DoH/DoT support. The free tier covers most households; the paid tier works out to roughly NZD $3.50 per month at current exchange rates and removes the query cap. It is not a VPN, and if you are looking for a no-cost privacy layer, our free VPN guide covers options that bundle DNS protection with tunnelling.
When flushing DNS will not fix your problem
DNS flushing is a targeted fix for a specific class of problem. It will not help if the issue is upstream — for example, if your ISP’s resolver itself is returning wrong answers, flushing your local cache just means your device fetches the wrong answer again. In that case, switching resolvers (as described above) is the fix, not flushing.
It also will not resolve TCP/IP-level connectivity problems, Wi-Fi authentication failures, or issues caused by a misconfigured VPN split-tunnel. If you flush DNS and the problem persists, the next diagnostic steps are: check your resolver is reachable (nslookup google.com 1.1.1.1 from a terminal), confirm your physical or wireless connection is stable, and check whether the site is down globally using a tool like downdetector.co.nz or isitdownrightnow.com.
Browser extensions — particularly ad blockers and privacy tools — sometimes intercept DNS queries and maintain their own cache. If you have flushed both the OS and browser cache and still see stale results, temporarily disabling extensions is a worthwhile next step.
FAQ
Is flushing DNS safe?
Yes. Flushing your DNS cache deletes only temporary lookup records stored on your device. It does not affect your files, browser history, passwords, or network configuration. The only side effect is that your first visit to each website after a flush will be marginally slower — by a few milliseconds — while your device performs a fresh DNS lookup. On a Chorus fibre connection with a nearby resolver, you will not notice this in practice.
How often should I flush DNS in NZ?
There is no required schedule. Flush when you encounter a specific symptom: a site that should load but does not, a streaming service showing the wrong geo-library, a domain that recently changed hosts, or persistent issues after connecting or disconnecting a VPN. Flushing daily or on a schedule provides no ongoing benefit because your OS automatically expires cached entries when their TTL runs out.
Will flushing DNS help me access TVNZ+ or Neon from overseas?
Not on its own. Geo-restricted services like TVNZ+ and Neon check your IP address, not just your DNS resolution. To access them from outside New Zealand, you need a VPN or Smart DNS service with a NZ exit node. Flushing DNS after connecting your VPN can help ensure your device fetches the correct NZ-facing CDN address rather than reusing a cached overseas one.
Does flushing DNS affect my VPN?
Flushing DNS does not change your VPN connection, kill switch settings, or tunnel configuration. It simply clears cached name-to-IP mappings on your device. If anything, flushing after connecting a VPN is good practice — it ensures your browser does not continue using pre-tunnel DNS entries that were resolved through your ISP’s resolver before the VPN was active.
Does New Zealand law require ISPs to log DNS queries?
The Telecommunications (Interception Capability and Security) Act 2013 (TICSA) requires NZ ISPs to maintain interception capability, which in practice means DNS query logs can be accessed by law enforcement and intelligence agencies. The Privacy Act 2020 governs how that data is stored and shared commercially, but it does not prevent lawful interception. If you prefer your DNS queries not be logged by your ISP, switching to a privacy-focused resolver like Cloudflare 1.1.1.1 or Quad9 is the practical step — though note that NZ’s Five Eyes obligations mean offshore resolvers are not immune to legal requests either.
What is the difference between flushing DNS and changing my DNS server?
Flushing clears the temporary cache of past lookups on your device. Changing your DNS server tells your device which resolver to use for future lookups. They are complementary: if you change your DNS server without flushing, your device may continue using cached results from the old resolver for hours. If you flush without changing your server, future lookups still go to the same resolver as before. For a meaningful privacy or performance improvement, do both together.
My Spark or One NZ connection keeps returning wrong DNS results — what should I do?
First, flush your local cache using the steps above. Then change your DNS server to an independent resolver — Cloudflare’s 1.1.1.1 is the simplest option and has an Auckland edge node, so latency on NZ fibre is minimal. You can change the DNS server in your router settings (which applies to all devices on your network) or in the network settings of individual devices. If you are on a Chorus fibre connection with a Spark-supplied router, the DNS setting is usually under the WAN or Internet configuration page in the router’s admin interface, accessible at 192.168.1.1 or 192.168.0.1.
Bottom line
Flushing your DNS cache is one of the most straightforward fixes in a home or business network troubleshooting toolkit, and it is particularly relevant for NZ users navigating the combination of Chorus fibre infrastructure, ISP-assigned resolvers with TICSA logging obligations, and the geo-DNS mechanics of services like TVNZ+, Neon, and Sky Sport Now. The commands are simple, the risk is zero, and the fix is immediate when stale cache entries are the actual cause of your problem. Pair a regular flush habit with a switch to a privacy-respecting resolver — Cloudflare 1.1.1.1 or Quad9 are the strongest choices for NZ latency and data-minimisation — and you have meaningfully improved both the reliability and the privacy posture of your DNS resolution without spending a dollar.
