An Important fact
All of us know that we use the UDP protocol in DNS Server.
BUT, there is a situation when we use TCP in DNS Server. That situation is something about truncating.
Can anyone shed more light on this concept and come up with an explanation of WHEN and WHY we use TCP in DNS?
A single UDP packet cannot be larger than 512 bytes. If the response doesn't fit into that, the request has to be done via TCP.
TCP must be used in zone transfers between master and slave servers.
If the TC-bit is set in the response to the resolver, it could either query again for the missing information or switch to TCP and do the same query again.
A good resolver does not switch to TCP if you ask me.
According to my experience (not huge, but I have developed some DNS clients), this rarely happens, because if one host/domain/tld exists more than one time in a package, it contains a "pointer" to the first place it occurred instead of the whole name again.
Most of the time the domain and tld are the same for all servers related to the response so 512 bytes is often more than enough.
UDP uses only two packets for a query and TCP uses around 13 packets, so asking again for only the missing information is highly recommended.
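
Added example, not part of the original posts: a small Python parser that checks the TC bit in a DNS header and decodes a name that uses the compression "pointer" described above, with a hop limit so a malformed message whose pointers loop cannot hang the client. The function names and the `SAMPLE` message are constructed for illustration.

```python
import struct

TC_BIT = 0x0200  # truncation flag inside the 16-bit flags word (header bytes 2-3)

def is_truncated(msg: bytes) -> bool:
    """Return True if the TC bit is set in the DNS header."""
    if len(msg) < 12:
        raise ValueError("short DNS header")
    (flags,) = struct.unpack_from("!H", msg, 2)
    return bool(flags & TC_BIT)

def read_name(msg: bytes, off: int):
    """Decode a (possibly compressed) name; return (name, offset after it)."""
    labels, resume, hops = [], None, 0
    while True:
        if off >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[off]
        if length & 0xC0 == 0xC0:            # pointer: low 14 bits are an offset
            if off + 1 >= len(msg):
                raise ValueError("truncated pointer")
            if resume is None:
                resume = off + 2             # the record continues after the first pointer
            off = struct.unpack_from("!H", msg, off)[0] & 0x3FFF
            hops += 1
            if hops > 16:                    # defensive limit against pointer loops
                raise ValueError("compression pointer loop")
            continue
        if length & 0xC0:
            raise ValueError("reserved label type")
        off += 1
        if length == 0:                      # root label ends the name
            name = ".".join(labels) or "."
            return name, (resume if resume is not None else off)
        if off + length > len(msg):
            raise ValueError("label runs past end of message")
        labels.append(msg[off:off + length].decode("ascii"))
        off += length

# Constructed sample: header with QR and TC set, one question for example.com,
# then the name ns1.example.com stored as "ns1" plus a pointer to offset 12.
SAMPLE = (struct.pack("!6H", 0x1234, 0x8200, 1, 0, 0, 0)
          + b"\x07example\x03com\x00" + struct.pack("!2H", 1, 1)
          + b"\x03ns1\xc0\x0c")

if __name__ == "__main__":
    print(is_truncated(SAMPLE), read_name(SAMPLE, 12), read_name(SAMPLE, 29))
```

In the sample, the compressed form of `ns1.example.com` takes 6 bytes instead of 17, which is the space saving the answer refers to.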