DNS works on Both TCP and UDP why?

In interviews I have been asked many times: on which protocol does DNS work? I say: both TCP and UDP. They ask: why does it work on both protocols… that's it! I say: sorry, I couldn't answer this question, but I know that it works on both protocols. Here is the answer I have pieced together from many resources on the web. The answer is simple: TCP is a connection-oriented protocol. It sets up a session with a handshake and guarantees that the data arrives complete and in order at the destination. UDP is connectionless: no handshake, no session state, and no guarantee of delivery, so each message is a single datagram that either arrives whole or is retried by the application.

DNS messages carried over UDP are small. Without EDNS(0), a DNS message over UDP cannot be larger than 512 bytes (RFC 1035). Note that this is a limit of the DNS protocol, not of UDP itself: a UDP datagram can carry far more, but 512 bytes was chosen so that a query or answer fits in one packet without IP fragmentation. So an application that needs to move more data than fits in a single datagram, a whole zone for instance, uses TCP.

We often discuss why a service uses both protocols, TCP and UDP. Such a service could rely on TCP alone, since TCP is connection-oriented while UDP is connectionless. So why use UDP at all?

For example, DNS uses both TCP and UDP for valid reasons, described below. A DNS message over UDP (without EDNS(0)) may not exceed 512 bytes. A server whose answer does not fit truncates it and sets the TC (truncation) flag in the message header; the client then repeats the same query over TCP. With EDNS(0) (RFC 6891) a client can advertise a larger UDP buffer, so larger answers can still travel over UDP, but the TC-then-TCP rule is unchanged. So DNS uses TCP for zone transfers and UDP for ordinary name lookups, both forward (name to address) and reverse (address to name). UDP fits a single small request with a single small reply: no three-way handshake and no connection state on the server, so a resolver can answer far more queries per second. If a client gets no reply at all over UDP, it simply retransmits the UDP query after a timeout of a few seconds and tries its next server; it switches to TCP because of the TC flag, not because of a timeout. Since RFC 7766, TCP support is mandatory for every DNS implementation, so blocking TCP/53 at a firewall breaks large responses (DNSSEC, answers with many records) as well as zone transfers.

We all know that there must not be any inconsistency between copies of a DNS zone. To make sure of this, DNS always transfers zone data (a full AXFR or an incremental IXFR) over TCP: the whole zone, usually far larger than one datagram, is streamed to the secondary server that requested it, and TCP's ordering and retransmission guarantee that the secondary ends up with an exact copy. One caveat: an unrestricted zone transfer hands your entire zone to anyone who asks for it, so limit transfers to the addresses of your own secondaries (for example with allow-transfer in BIND) or require TSIG-signed transfer requests.
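As an added, worked illustration of the behaviour described above (example code written for this page, not taken from the original post or from any DNS implementation): it builds a real DNS query, optionally with an EDNS(0) OPT record, parses the reply header, and sends the query over UDP first, repeating it over TCP with the 2-byte length prefix only when the reply has TC=1. The transports are injected so the decision logic runs offline against a constructed server; the socket-based transports at the end are for use against a resolver you are allowed to query and assume IPv4 on port 53. Resolver addresses and hostnames are placeholders.

```python
import secrets
import socket
import struct

# Header flag bits: response, truncated, recursion desired, recursion available
FLAG_QR, FLAG_TC, FLAG_RD, FLAG_RA = 0x8000, 0x0200, 0x0100, 0x0080

def encode_name(name):
    """Hostname -> DNS wire format: length-prefixed labels ending in a zero byte."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(name, qtype=1, txid=None, edns_udp_size=None):
    """Build a query (A record by default) with a random 16-bit ID; optionally add an EDNS(0)
    OPT record (RFC 6891) advertising a UDP buffer larger than the classic 512 bytes."""
    txid = secrets.randbits(16) if txid is None else txid
    header = struct.pack("!HHHHHH", txid, FLAG_RD, 1, 0, 0, 1 if edns_udp_size else 0)
    msg = header + encode_name(name) + struct.pack("!HH", qtype, 1)        # QCLASS IN
    if edns_udp_size:
        # OPT RR: root name, TYPE 41, CLASS carries the UDP payload size, TTL 0, RDLENGTH 0
        msg += b"\x00" + struct.pack("!HHIH", 41, edns_udp_size, 0, 0)
    return msg

def parse_header(msg):
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "flags": flags, "truncated": bool(flags & FLAG_TC),
            "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar}

def skip_name(msg, off):
    """Advance past a name that is either a label sequence or a 2-byte compression pointer."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:
            return off + 2
        off += 1 + length

def a_records(response):
    """Return the IPv4 addresses found in the answer section (A records only)."""
    hdr, off, ips = parse_header(response), 12, []
    for _ in range(hdr["qdcount"]):
        off = skip_name(response, off) + 4                                  # QTYPE + QCLASS
    for _ in range(hdr["ancount"]):
        off = skip_name(response, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", response[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            ips.append(socket.inet_ntoa(response[off:off + 4]))
        off += rdlen
    return ips

def build_response(query, addresses, truncate=False):
    """Constructed server reply for a non-EDNS query: echoes ID and question, then one A record per
    address; truncate=True mimics a server whose answer did not fit in 512 bytes (TC=1, no answers)."""
    flags = FLAG_QR | FLAG_RD | FLAG_RA | (FLAG_TC if truncate else 0)
    answers = b"" if truncate else b"".join(
        b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + socket.inet_aton(ip) for ip in addresses)
    ancount = 0 if truncate else len(addresses)
    header = struct.pack("!HHHHHH", parse_header(query)["id"], flags, 1, ancount, 0, 0)
    return header + query[12:] + answers

def tcp_frame(msg):
    """Over TCP each DNS message is prefixed with its length as a 2-byte big-endian integer (RFC 1035 4.2.2)."""
    return struct.pack("!H", len(msg)) + msg

def tcp_unframe(stream):
    (length,) = struct.unpack("!H", stream[:2])
    return stream[2:2 + length]

def resolve(name, udp_exchange, tcp_exchange, qtype=1):
    """UDP first; if the reply carries TC=1, repeat the identical query over TCP."""
    query = build_query(name, qtype)
    response = udp_exchange(query)
    if parse_header(response)["id"] != parse_header(query)["id"]:
        raise ValueError("transaction ID mismatch, reply discarded (possible spoofed answer)")
    if not parse_header(response)["truncated"]:
        return response, "udp"
    return tcp_unframe(tcp_exchange(tcp_frame(query))), "tcp"

def udp_exchange_socket(server, query, timeout=3.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:             # OS picks a random source port
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        return s.recvfrom(4096)[0]

def recv_exact(s, n):
    buf = b""
    while len(buf) < n:
        chunk = s.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the connection mid-message")
        buf += chunk
    return buf

def tcp_exchange_socket(server, framed_query, timeout=3.0):
    with socket.create_connection((server, 53), timeout=timeout) as s:
        s.sendall(framed_query)
        prefix = recv_exact(s, 2)                              # read the length, then exactly that many bytes
        return prefix + recv_exact(s, struct.unpack("!H", prefix)[0])

if __name__ == "__main__":
    # Offline demo with a constructed server: the UDP reply is truncated, so the lookup is repeated over TCP.
    fake_udp = lambda q: build_response(q, [], truncate=True)
    fake_tcp = lambda f: tcp_frame(build_response(tcp_unframe(f), ["192.0.2.1", "192.0.2.2"]))
    answer, transport = resolve("example.com", fake_udp, fake_tcp)
    print(transport, a_records(answer))
```

To run it against a real resolver, bind the server address into the transports, e.g. `functools.partial(udp_exchange_socket, "192.0.2.53")` and `functools.partial(tcp_exchange_socket, "192.0.2.53")`, and pass those to `resolve`. The transaction-ID check and the random source port chosen by the OS are the two cheap defences a UDP client has against a spoofed reply, which is why the code discards a reply whose ID does not match before looking at the TC flag.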

Shedding more light on this…

A problem shows up with Windows 2000 Server and Advanced Server, whose DNS service sends its outbound queries from dynamic source ports, i.e. anything above 1023. If such a server does the recursive lookups for the client machines on your network, the replies from the internet come back to those high UDP ports, so a stateless router ACL would have to permit inbound UDP to any high port for resolution to work at all. Such a DNS server should therefore not be internet-facing; if it must reach out, put it behind a stateful firewall that admits only the replies matching a query it has just sent, rather than opening every high UDP port.

Now let's talk about LDAP. LDAP always uses TCP (port 389, or 636 for LDAPS), and the reason is not that TCP makes it "secure". An LDAP session is a bind followed by a sequence of operations whose requests and responses must stay in order, and the TLS protection of LDAPS or StartTLS needs a reliable byte stream underneath; UDP offers neither. UDP port 389 is used only for connectionless LDAP (CLDAP), the "ping" with which a Windows client locates a domain controller. The Kerberos authentication that follows is a separate protocol on port 88, which runs over UDP or TCP and falls back to TCP when a ticket is too large for a single datagram.

20 thoughts on “DNS works on Both TCP and UDP why?”

  1. Well, I have seen a number of times that it works on UDP for standard queries.

    Didn't get a chance to get through the RFC. Could you please tell me which RFC talks about this?


  2. Well, I think DNS works on UDP usually because it requires great speed. Only a connectionless protocol can fulfil its requirements.

  3. This answer was really helpful. But there were a lot of details that needed to be filled in, like where DNS requires TCP and where it requires UDP.

  4. Can you describe this line in a much easier explanation: "So DNS uses TCP for Zone transfer and UDP for name queries either regular (primary) or reverse"?

  5. In fact DNS should use both t. l. protocols (TCP & UDP),
    where TCP is used for the transmission session,
    which is the update of files between primary servers and secondary servers; it also happens between levels.
    UDP is used for client request and reply, to gain time.

  6. DNS and some other services work on both the TCP and UDP protocols. The two protocols are different from each other. TCP is a connection-oriented protocol whereas UDP is a connectionless protocol. TCP requires the data to be consistent at the destination, and UDP does not require the data to be consistent or does not need to establish a connection with the host for data accuracy.

    DNS uses TCP for Zone Transfer over Port: 53

    It is necessary to maintain a consistent DNS database between DNS servers. This is achieved by the TCP protocol. This communication happens between DNS servers only. The zone transfer feature of a DNS server will always use the TCP protocol. The connection is established between the DNS servers to transfer the zone data, and the source and destination DNS servers will make sure that the data is consistent by using the TCP ACK bit.

    DNS uses UDP for DNS Queries over Port: 53

    A client computer will always send a DNS query using the UDP protocol over port 53. If a client computer does not get a response from a DNS server, it must re-transmit the DNS query using TCP after an interval of 3-5 seconds.
