Skip to content

fix: add --dns-concurrency flag for parallel DNS resolution#1555

Closed
oxqnd wants to merge 1 commit intoprojectdiscovery:devfrom
oxqnd:fix/dns-concurrency-1540
Closed

fix: add --dns-concurrency flag for parallel DNS resolution#1555
oxqnd wants to merge 1 commit intoprojectdiscovery:devfrom
oxqnd:fix/dns-concurrency-1540

Conversation

@oxqnd
Copy link
Copy Markdown

@oxqnd oxqnd commented Sep 19, 2025

Fixes #1540

Problem

The -c flag (general concurrency) did not affect DNS resolution.
When scanning with a host list (-l), DNS lookups were performed sequentially, leading to slow performance with large input files.

Example:

$ time ./naabu -l domains.txt -p 80 -c 100
# Duration almost the same as -c 25

Root Cause

DNS resolution inside PreProcessTargets() was always bound to Threads (-c).
There was no dedicated concurrency control for DNS lookups, so the -c flag only applied to scanning, not to DNS resolution.

Changes

  • Added a new CLI flag: --dns-concurrency

    • Controls the number of concurrent DNS resolution workers.
    • Defaults to -c when not explicitly set.

  • Updated options.go to parse the new flag.

  • Updated targets.go to use a sized wait group based on DnsConcurrency instead of Threads during target preprocessing.

  • Updated help text and usage docs.

Result

Before:

$ time ./naabu -l domains.txt -p 80 -c 25
real    0m3.44s

$ time ./naabu -l domains.txt -p 80 -c 100
real    0m3.42s   # no improvement

After:

$ time ./naabu -l domains.txt -p 80 -c 25 --dns-concurrency 100
real    0m1.72s   # faster resolution with higher DNS concurrency

This makes DNS resolution behavior consistent with user expectations and improves scan speed for large host lists.

@dwisiswant0
Copy link
Copy Markdown
Member

dwisiswant0 commented Sep 20, 2025
edited
Loading

DNS lookups were performed sequentially [...]

The current implementation is already concurrent. DNS lookups are not sequential, they already run in parallel under the existing -c setting. All this patch does is add another flag that controls the exact same thing.

That doesn’t fix anything. It just creates unnecessary complexity and forces users to think about two different concurrency flags when one is already enough. From a user perspective, -c is concurrency, full stop.

So: fix the implementation by making DNS resolution actually respect -c, not to shove the same broken behavior behind a second option. Users shouldn’t have to juggle two different knobs to get what they already expected from one.

EDIT:

turns out this is sequential, and this patch still sequential too.

@dwisiswant0 dwisiswant0 mentioned this pull request Sep 21, 2025
Merged
@dwisiswant0
Copy link
Copy Markdown
Member

dwisiswant0 commented Sep 21, 2025

Superseded by #1556.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dwisiswant0 dwisiswant0 Awaiting requested review from dwisiswant0

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Concurancy not working for DNS Resolution

2 participants

@oxqnd @dwisiswant0