Tue Nov 10, 2020 8:27 pm
Well, while it would not be completely impossible, you need to think big. I don't know your numbers (hostnames in the address list, clients using the router, amount of traffic, etc.), but the solution would have to work even when you'd have thousands of hostnames in the address list, thousands of clients using the router as a resolver, thousands of packets checked against the address list every second, etc. Also don't forget that a router's main job is to route; it can't waste too much resources on stuff like this.
And again, what happens on the router is not the only problem. TTL resolution for DNS records is in seconds. And things are asynchronous: the client gets the address, but before it tries to connect, the router has already updated the records it has, and the connection fails. The difference can be a millisecond or even less.
If you'd want 100% reliability (well, almost), the whole thing would have to work differently. DNS resolution on the router would have to be synchronized with the address list in some way, so when the router got new data from the upstream resolver, it would have to immediately update the address list and delay all clients asking for the hostname, in order to not give them the address before it's in the address list. Your idea with pointers wouldn't work, because it would ruin all optimizations. Address lists use hashes, so they are fast even with a huge number of addresses. Pointers to the DNS cache would require checking each address one by one, so it would completely kill the performance. The address list would also need to hold old addresses for a while, in case the client is slow in using them.
In short, it may seem easy, but in reality it's nearly impossible.