How to force TCP packets for testing DNS?

Question

DNS uses UDP packets normally. However when the response is larger than a certain size, it switches to TCP.

It would be very useful if we can specify TCP/UDP when running DNS query commands with DIG or NSLOOKUP for example.

Is there a way to do this with DIG?

score 13 · Accepted Answer · answered Aug 13 '20 at 09:57

With dig you can use +tcp.

man dig says:

+[no]tcp
Use [do not use] TCP when querying name servers. The default behavior is to use UDP unless a type any or ixfr=N query is requested, in which case the default is TCP. AXFR queries always use TCP.
+[no]vc
Use [do not use] TCP when querying name servers. This alternate syntax to +[no]tcp is provided for backwards compatibility. The "vc" stands for "virtual circuit".

So both +tcp and +vc does what you want, but +tcp is a bit more clear in what you're trying to do.

Using dig myself and tracing the traffic with Wireshark I see that dig google.com @8.8.8.8 uses UDP and dig google.com @8.8.8.8 +tcp uses TCP.

score 9 · Answer 2 · answered May 06 '20 at 21:35

9

The old tools call this "virtual circuit" (vc) mode:

dig google.com @8.8.8.8 +vc

nslookup -vc google.com 8.8.8.8

Windows nslookup (interactive mode):

nslookup> set vc

answered May 06 '20 at 21:35

grawity

501,077

How to force TCP packets for testing DNS?

2 Answers2