DNS uses TCP quand le size of le request ou le response is greater than a single packet such as avec responses that have beaucoup de records ou beaucoup de IPv6 responses ou le plus DNSSEC responses.
The maximum size was originally 512 bytes mais there is an extension to le DNS protocol that allows clients to indicate that they can handle UDP responses of up to 4096 bytes.
DNSSEC responses are usually larger than le maximum UDP size.
Transfer requests are usually larger than le maximum UDP size et hence will aussi be done over TCP.
