Strictly speaking, the question is invalid, as DNS uses both UDP and TCP for its transport.
The expected use is for DNS to run on top of UDP, with a fall-back to TCP for data packages that can't fit into a single 8K UDP packet. Large replies and zone transfers will fall in to this category. DNS can also be configured to work exclusively over TCP, but this isn't recommended.
Early MS Windows systems used DNS over TCP exclusively. Fortunately the more recent editions (XP onwards) use DNS over UDP by default, falling back to TCP only when necessary.
Why UDP rather than TCP? It's simply a matter of efficiency. To start a TCP connection a minimum of three packets are required (SYN out, SYN+ACK back, ACK out). By the time you add a data packet into that and close the session off correctly you will have sent several packets. In contrast, UDP can get away with a minimum of two packets (one question, one reply).
DNSSec adds a layer of complexity to this, but with caching the extra resource required can usually be mitigated against a number of queries.
Copyright © 2026 eLLeNow.com All Rights Reserved.
