So, I improved the performance a little upstream, but that won’t be enough for you. Long start and reconfigure time would certainly be a bother in practice. With the current design of the module, adding those reverse entries can’t be fast, and that code was already redesigned and rewritten for Knot Resolver 6.0.0 in a way that won’t suffer from bad performance here. However, lots of other work still remain before that can be released.
By the way, you know about the adblock package?-
RPZ
If you don’t want to use that package, I’d suggest switching to RPZ format, i.e. lines like
foo.example.net. A 0.0.0.0
and there it’s also possible to block subtrees by
*.example.net. A 0.0.0.0
(You need to block apex and all its subtrees separately, i.e. two lines, in the typical use case, unfortunately.)
RPZ doesn’t attempt reverse records (automatically), and performance on your large list seems good to me.
Configuration is probably best by editing /etc/config/resolver, section config resolver 'kresd' and there add list rpz_file '/path/to/file.rpz'