I've been a bit confused on this point! The guidance from Microsoft seems contradictory:

Quote 1: "The new SPN format does not require a port number. This means that a multiple-port server or a protocol that does not use port numbers can use Kerberos authentication."

Quote 2: "MSSQLSvc/fqdn:InstanceName The provider-generated, default SPN for a named instance when a protocol other than TCP is used."

To me, the first statement says it does work with TCP/IP (in the case where MSSQL is listening on multiple ports). But the second statement says it only works for non TCP connections.

Can you help clarify?