[Dnsmasq-discuss] How may is too many CNAME references?

Geoff Back geoff at demonlair.co.uk
Mon Sep 27 13:17:02 UTC 2021



On 27/09/2021 13:24, Ercolino de Spiacico wrote:
>
> Thank you for the answer.
>
> In my case, since I'm compiling the adblock list via script that takes
> already care of the duplicates, this dnsmasq behaviour is redundant
> and actually unwanted because it causes issues. 
>
> Beside this, is there a specific reason why you force this check on
> CNAME only but not on A records? It seems inconsistent.
>
> I would suggest to switch this off by default for cases like mine and
> perhaps design a new option to force the duplicates check if wanted only.
>
> Thanks
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Hello,

The DNS standards require that a CNAME record is unique, but permit the
existence of multiple A records for the same name.  The difference is
because a CNAME can only be an alias for one possible target name, but
you can have multiple IP addresses assigned to the same name.  Since
there is no possible legitimate result if there is more than one entry
for the same CNAME, the checking is rather necessary.

Your case of a large list of CNAMEs that are pre-validated as unique is
the outlier case here.  I don't know whether it would be practical to
provide a special handler for your case, but I would suggest it is safe
to assume the checking for duplicates will remain the default since it
is fundamentally necessary in all the "typical" use cases.

I guess one possible approach might be, subject I suspect to a
controlling option, to change the way the CNAME records are loaded to
improve performance.  A two-pass process might be possible:
- Phase one: read all the records from your list and check each one
against pre-existing CNAME records, but *not *insert them into the data
structures.
- Phase two: insert all the records that have now been validated.

This would mean it no longer checked each CNAME against all previous
entries loaded out of your list, but would be completely dependent on
your list being guaranteed unique.

Only an idea, how practical this would be in the context of the current
code I don't know.

Regards,

Geoff.

-- 
Geoff Back
What if we're all just characters in someone's nightmares?




More information about the Dnsmasq-discuss mailing list