diff --git a/internal/dns/dns.go b/internal/dns/dns.go
index 9135ecb..ff8bc1f 100644
--- a/internal/dns/dns.go
+++ b/internal/dns/dns.go
@@ -39,8 +39,12 @@ func NewDNSServer(port int, upstreamDNS string) *DNSServer {
 UseDoH: false,
 queries: make(map[string]*DNSQuery),
 httpClient: &http.Client{
- Timeout: 5 * time.Second,
+ Timeout: 3 * time.Second,
 Transport: &http.Transport{
+ MaxIdleConns: 100,
+ MaxIdleConnsPerHost: 100,
+ IdleConnTimeout: 90 * time.Second,
+ TLSHandshakeTimeout: 2 * time.Second,
 TLSClientConfig: &tls.Config{
 InsecureSkipVerify: false,
 },
@@ -57,8 +61,14 @@ func NewDNSServerWithDoH(port int, dohURL string) *DNSServer {
 DoHURL: dohURL,
 queries: make(map[string]*DNSQuery),
 httpClient: &http.Client{
- Timeout: 5 * time.Second,
+ Timeout: 3 * time.Second,
 Transport: &http.Transport{
+ ForceAttemptHTTP2: true,
+ MaxIdleConns: 100,
+ MaxIdleConnsPerHost: 100,
+ IdleConnTimeout: 90 * time.Second,
+ TLSHandshakeTimeout: 2 * time.Second,
+ DisableCompression: false,
 TLSClientConfig: &tls.Config{
 InsecureSkipVerify: false,
 },
@@ -153,7 +163,7 @@ func (s *DNSServer) forwardQueryUDP(query []byte) ([]byte, error) {
 defer upstreamConn.Close()
 
 // 设置超时
- upstreamConn.SetDeadline(time.Now().Add(5 * time.Second))
+ upstreamConn.SetDeadline(time.Now().Add(3 * time.Second))
 
 // 发送查询
 _, err = upstreamConn.Write(query)
@@ -276,8 +286,8 @@ func (s *DNSServer) recordQuery(domain, queryType string) {
 }
 }
 
- // 限制缓存大小
- if len(s.queries) > 200 {
+ // 限制缓存大小,防止内存溢出
+ if len(s.queries) > 500 {
 // 删除最旧的条目
 oldestKey := ""
 oldestTime := time.Now()
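Review bot: The transport fields added to `NewDNSServer` are repeated almost verbatim in `NewDNSServerWithDoH` (second hunk), but only that copy sets `ForceAttemptHTTP2: true`. Because both transports supply their own `TLSClientConfig`, net/http does not enable HTTP/2 on this client unless that flag is set. The hunk shows `UseDoH: false` only as an initial value, so if DoH can be switched on later this client would talk HTTP/1.1 to the resolver while the other constructor's client would not. Either add `ForceAttemptHTTP2: true,` here or build both clients from one small helper so the settings cannot drift. The constructor body starts and ends outside the hunk.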
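Review bot: `dohURL` is stored as given in `NewDNSServerWithDoH`, and nothing visible in this hunk checks that it is an `https://` URL. With an `http://` value the `TLSClientConfig` and `TLSHandshakeTimeout` tuned here never apply and queries would leave in cleartext, so unless the caller already validates it, reject non-HTTPS URLs where the URL is parsed. Separately, `DisableCompression: false` and `InsecureSkipVerify: false` are zero values; if they are kept for emphasis, adding `MinVersion: tls.VersionTLS12,` to the same `tls.Config` would state the intended TLS floor just as explicitly. The constructor body extends beyond the hunk.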
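Review bot: The error returned by `upstreamConn.SetDeadline` is still discarded on the changed line in `forwardQueryUDP`. If setting the deadline fails, the `Write` below and the read that presumably follows are no longer bounded, so a silent upstream could hold the handler open. Suggest `if err := upstreamConn.SetDeadline(time.Now().Add(3 * time.Second)); err != nil { return nil, err }`. The 3-second value now appears here and in both HTTP clients, so a package-level constant such as `upstreamTimeout` would keep them aligned. The function continues outside the hunk.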
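Review bot: The cap in `recordQuery` is a bare literal, and the eviction that follows looks like a linear scan for the oldest entry (`oldestKey`, `oldestTime`), run each time a new key arrives once the map is full. The keys appear to be queried domain names, which clients choose, so a burst of unique names keeps the map at the cap and pays that scan on every query; at 500 entries this is cheap, but the limit deserves a name and a reason, e.g. `const maxTrackedQueries = 500`. The hunk does not show whether `s.queries` is accessed under a lock; please confirm, since recordQuery is presumably reached from concurrent query handlers. The function begins and ends outside the hunk.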