A nameserver will LISTEN on both UDP and TCP.
Code:
$ ssh j65nko@192.168.222.10 'netstat -an -f inet'
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
ip 0 0 *.* *.* 1
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp 0 0 192.168.222.10.22 192.168.222.20.3160 ESTABLISHED
tcp 0 0 192.168.222.10.53 *.* LISTEN
tcp 0 0 127.0.0.1.587 *.* LISTEN
tcp 0 0 127.0.0.1.25 *.* LISTEN
tcp 0 0 *.22 *.* LISTEN
tcp 0 0 127.0.0.1.8021 *.* LISTEN
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
udp 0 0 10.0.0.200.30510 213.206.97.167.123
udp 0 0 10.0.0.200.14501 80.101.175.193.123
udp 0 0 192.168.222.10.123 *.*
udp 0 0 192.168.222.10.53 *.*
udp 0 0 *.514 *.*
UDP is mainly used. If the answer of a nameserver doesn't fit into the 512 byte long UDP packet, the server will set the
truncated bit. This is an indication for the client to redo the query, but this time using TCP for a complete, not truncated answer.