It depends on the setup. I thought his setup would include a DMZ (other subnet) that is filtered by the firewall.

                +----------------+     +-----------+
Internet -------|  Firewall Box  |-----| Local Net |
                +----------------+     +-----------+
                        |
                        |
                +----------------+
                |   DMZ (DNS)    |
                +----------------+

This way, if you have a box trying to access the DNS from Local Net, it has to be NATted through the firewall, hence the IP address (name) of the firewall in DNS.

-> -----Original Message-----
-> From: Eden Li [mailto:eden.li@asu.edu]
-> Sent: Thursday, January 11, 2001 10:03 AM
-> To: plug-discuss@lists.PLUG.phoenix.az.us
-> Subject: Re: Bind errors
->
-> Actually, unless NAT is configured to do so.. the source IP address should
-> stay the same, so any outside IPs should be logged as trying to do zone
-> transfers. Besides, zone transfers should only occur between primary and
-> secondary DNS servers; it should not be a re-occurring thing as Mike is
-> experiencing.
->
-> From: "Furmanek, Greg"
-> | I guess that sounds like an option.
-> |
-> | If you are NATing connections in your firewall, the
-> | bind box will see only the firewall IP; therefore
-> | it will think it is doing zone transfer.
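An added example, not part of the original thread: a small triage script that groups refused zone-transfer requests by source and marks those arriving from the firewall's own address, where NAT has hidden the real requester and the firewall's logs are needed to identify it. The firewall and secondary addresses, the BIND 9 style message format, and the sample log lines are all assumptions constructed for illustration.

```python
import re
from collections import Counter

# Assumed values for illustration (not taken from the thread).
FIREWALL_IP = "192.0.2.1"      # address the firewall NATs Local Net traffic to
SECONDARIES = {"192.0.2.53"}   # hosts that are expected to request transfers

# BIND 9 style "denied" message (assumed format); the optional "@0x..."
# token after "client" appears in newer releases.
DENIED = re.compile(
    r"client (?:@\S+ )?(?P<ip>[0-9A-Fa-f.:]+)#\d+.*?"
    r"zone transfer '(?P<zone>[^/']+)/AXFR/IN' denied"
)

# Constructed sample log lines.
SAMPLE_LOG = """\
11-Jan-2001 09:58:01 security: error: client 192.0.2.1#1045: zone transfer 'example.com/AXFR/IN' denied
11-Jan-2001 09:58:31 security: error: client 192.0.2.1#1046: zone transfer 'example.com/AXFR/IN' denied
11-Jan-2001 10:01:12 security: error: client 198.51.100.9#3301: zone transfer 'example.com/AXFR/IN' denied
11-Jan-2001 10:02:00 general: info: zone example.com/IN: loaded serial 2001011101
"""

def classify(ip):
    """Label a refused requester so the follow-up action is obvious."""
    if ip == FIREWALL_IP:
        return "nat-masked"               # real source hidden; check firewall logs
    if ip in SECONDARIES:
        return "secondary-misconfigured"  # legitimate secondary is being refused
    return "external"                     # source address preserved, outside host

def summarize(log_text):
    """Count refused AXFR requests per (source IP, zone, classification)."""
    counts = Counter()
    for line in log_text.splitlines():
        m = DENIED.search(line)
        if m:
            counts[(m["ip"], m["zone"], classify(m["ip"]))] += 1
    return counts

if __name__ == "__main__":
    for (ip, zone, kind), n in summarize(SAMPLE_LOG).most_common():
        print(f"{n:3d}  {ip:15s}  {zone:15s}  {kind}")
```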