I'm getting the following output when I do a tcpdump
2017-07-26 00:00:00.062388 IP (tos 0x0, ttl 64, id 55135, offset 0, flags [none], proto UDP (17), length 78)
192.168.1.69.26818 > 192.168.1.5.53: 8603+ AAAA? pkcba.ad.roy.com. (50)
2017-07-26 00:00:00.062859 IP (tos 0x0, ttl 128, id 7617, offset 0, flags [none], proto UDP (17), length 128)
192.168.1.5.53 > 192.168.1.69.26818: 8603* 0/1/0 (100)
What do the numbers in the brackets (50) & (100) mean?
In this particular case they're the length of the DNS payload within the UDP packet (note that they're 28 bytes less than the total packet length reported in the lines above - 20 bytes for a standard IP header without options and 8 bytes for UDP)