diff --git a/provider/rfc2136/rfc2136.go b/provider/rfc2136/rfc2136.go
index 77c92464c..7cb9f48c2 100644
--- a/provider/rfc2136/rfc2136.go
+++ b/provider/rfc2136/rfc2136.go
@@ -33,6 +33,11 @@ import (
 	"sigs.k8s.io/external-dns/provider"
 )
 
+const (
+	// maximum size of a UDP transport message in DNS protocol
+	udpMaxMsgSize = 512
+)
+
 // rfc2136 provider type
 type rfc2136Provider struct {
 	nameserver    string
@@ -309,6 +314,10 @@ func (r rfc2136Provider) SendMessage(msg *dns.Msg) error {
 		msg.SetTsig(r.tsigKeyName, r.tsigSecretAlg, 300, time.Now().Unix())
 	}
 
+	if msg.Len() > udpMaxMsgSize {
+		c.Net = "tcp"
+	}
+
 	resp, _, err := c.Exchange(msg, r.nameserver)
 	if err != nil {
 		log.Infof("error in dns.Client.Exchange: %s", err)