Home/ Questions/Q 786539
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-14T21:03:30+00:00

Is it possible to add a record to the dns cache from java? Or

  • 0

Is it possible to add a record to the dns cache from java? Or will I have to use the JNI?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Is it possible to add a record to the dns cache from java? Or will I have to use the JNI?

    Assuming that you are talking about the DNS cache that Java applications use, the answer is No in both cases.

    The cache is implemented in the java.net.InetAddress class; refer here for the source code. As you can see, the cache is implemented using private static attributes and all of the classes and methods involved are private or package private. In short, the only way you could get at the cache would be by using nasty reflection tricks to subvert the Java access rules.

    Since this is implemented in pure Java, JNI won’t help.

    EDIT

    Unfortunately, the link above no longer points to the OpenJDK code :-(.

    FOLLOWUP

    Re: these comments.

    The Java DNS cache? – WineSoaked May 9 ’10 at 3:25

    Sorry no, the system one. I’m trying to proxy the default browser for certain sites and i figured adding a dns record for those sites pointing to my local proxy would be easiest way. – silverbandit91 May 9 ’10 at 5:32

    There is no way to directly plant things in the system DNS cache from Java. Indeed, I don’t even think that Java uses the system DNS cache.

    But there are better alternatives to what you are trying to do:

    • Get your users to configure their browsers to use an ‘autoproxy.pac’ file to determine which proxies to use. IMO, this is the best option.

    • Put entries for the hosts that you want to selectively proxy into “/etc/hosts” and configure (using “/etc/host.conf”) your local resolver to look in “/etc/hosts” before talking to the DNS server. Unfortunately (like cache poisoning) this “pollutes” your DNS with bogus entries, can cause problems when using services other than HTTP / HTTPS.

    Finally, you probably should rethink your goal of doing this totally transparently to your users:

    • If you are doing this to implement some company security or internet access rules, people can “route around” any measures you implement at this level. (You’d be better off firewalling your network and forcing to use a proxy for external access … or something like that.)

    • If you are just trying to implement a useful service, you should use the autoproxy.pac approach which gives the users 1) visibility of what is going on (if they care to look), and 2) the option of opting in or out.

    • If you are trying to do something else …

    • 0