UDP packets are smaller in size. UDP packets can not be greater then 512 bytes. So any application needs data to be transferred greater than 512 bytes require TCP in place. For example, DNS uses both TCP and UDP for valid reasons described below. Note that UDP messages are not larger than 512 Bytes and are truncated when greater than this size. DNS uses TCP for Zone transfer and UDP for name queries either regular (primary) or reverse. UDP can be used to exchange small information whereas TCP must be used to exchange information larger than 512 bytes. If a client doesn't get response from DNS it must re-transmit the data using TCP after 3-5 seconds of interval.
There should be consistency in DNS Zone database. To make this, DNS always transfer Zone data using TCP because TCP is reliable and make sure zone data is consistent by transferring the full zone to other DNS servers who has requested the data.
The problem occurs when Windows 2000 server and Advanced Server products uses Dynamic ports for all above 1023. In this case your DNS server should not be internet facing i.e. doing all standard queries for client machines on the network. The router (ACL) must permitted all UDP inbound traffic to access any high UDP ports for it to work.
LDAP always uses TCP - this is true and why not UDP because a secure connection is established between client and server to send the data and this can be done only using TCP not UDP. UDP is only used when finding a domain controller (Kerberos) for authentication. For example, a domain client finding a domain controller using DNS.
ID d'article : 556000 - Dernière mise à jour : 23 sept. 2007 - Révision : 1