Why doesn't "ipconfig /flushdns" completely wipe your DNS?

If one asked "why do some entries remain in ipconfig /displaydns even after I have flushed them with /flushdns?", there would be several possible answers:

  1. A program is repeatedly resolving some domain, so its information gets cached almost immediately again.
  2. The DNS Resolver has the handling of some special names hardcoded (such as localhost).
  3. The DNS Resolver automatically reads your /etc/hosts (actually %SystemRoot%\system32\drivers\etc\hosts) and uses it to fill the Resolver cache so that these names wouldn't have to be actually looked up on DNS. It's a nice trick to avoid re-reading /etc/hosts every time a name has to be resolved.

If one asked "why, after I change something in my domain and run /flushdns, do I still not see my changes?":

It is physically impossible to flush all records in DNS, because DNS – the Domain Name System – is hosted on many servers over the entire Internet, and you would have to destroy all of them.

What ipconfig accesses is your computer's local cache of information looked up from DNS; if you flush the cache on your computer and try to access any domain, the computer has to ask the configured DNS server again.

However, the configured DNS server, be it your router's, your ISP's, or a public one (e.g. Google's), has its own cache. Once someone asks the DNS server at 8.8.8.8 about the domain superuser.com, it gets cached on that server as well. So in many cases there might be three, maybe even four, layers of caching: in Windows, in your router/modem/gateway, at your ISP, and maybe a second layer deeper at the ISP.
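To check which of the three reasons listed at the top explains each entry left after a flush, the following added example (not part of the original answer) compares saved `ipconfig /displaydns` output with the hosts file. The sample text is constructed, the function names are hypothetical, and it assumes the usual `/displaydns` layout of an entry name followed by a line of dashes.

```python
BUILTIN = {"localhost"}  # special name the answer gives as hardcoded

# Constructed sample data, not captured from a real machine.
SAMPLE_HOSTS = """\
# comment line
127.0.0.1   localhost
192.0.2.10  Intranet.example.test  wiki   # two names, one address
"""
SAMPLE_DISPLAYDNS = """\
Windows IP Configuration

    localhost
    ----------------------------------------
    No records of type AAAA

    intranet.example.test
    ----------------------------------------
    Record Name . . . . . : intranet.example.test
    Time To Live  . . . . : 86400
    A (Host) Record . . . : 192.0.2.10

    updates.example.test
    ----------------------------------------
    Record Name . . . . . : updates.example.test
    Time To Live  . . . . : 287
    A (Host) Record . . . : 198.51.100.7
"""

def parse_hosts(text):
    """Return the lower-cased names a hosts file defines."""
    names = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comment, split on whitespace
        names.update(n.lower().rstrip(".") for n in fields[1:])  # field 0 is the address
    return names

def parse_displaydns(text):
    """Return entry names: each is the line directly above a line of dashes."""
    lines = [l.strip() for l in text.splitlines()]
    return {prev.lower().rstrip(".") for prev, cur in zip(lines, lines[1:])
            if prev and cur and set(cur) == {"-"}}

def classify(displaydns_after_flush, hosts_text):
    """Map each name still cached after /flushdns to the likely reason."""
    hosts = parse_hosts(hosts_text)
    return {name: "built-in name" if name in BUILTIN
            else "hosts file" if name in hosts
            else "re-resolved after flush"
            for name in sorted(parse_displaydns(displaydns_after_flush))}
```

On a real machine, pass in the text of `ipconfig /displaydns` taken right after `ipconfig /flushdns` and the contents of `%SystemRoot%\system32\drivers\etc\hosts`.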