ProtocolCodes

Bad truncation. The TSIG record was truncated in a way that makes it impossible to verify the message signature.

When You See This Code

A large DNS response was truncated (TC bit set) but the TSIG MAC was computed over the full message, making the truncated version unverifiable.

Retry the query over TCP to avoid truncation. If using UDP, ensure your EDNS buffer size is large enough to receive the full signed response.