A DNS server might send a TC=1 RA=0 (truncation, no recursion) reply over UDP, while it still offers recursion over TCP. We currently ignore this server because we check for RA=0 before TC=1 in send_dg: if (anhp->rcode == NOERROR && anhp->ancount == 0 && anhp->aa == 0 && anhp->ra == 0 && anhp->arcount == 0) { … } if (!(statp->options & RES_IGNTC) && anhp->tc) { There is a thread about this on the dns-operations mailing list: https://lists.dns-oarc.net/pipermail/dns-operations/2016-March/014548.html Fixing this needs timeouts for TCP connections and a server usability check on the TCP path (see the blocking bugs).