It depends on the setup.
I thought his setup would include a DMZ (other subnet)
that is filtered by the firewall.
                +----------------+     +-----------+
Internet -------|  Firewall Box  |-----| Local Net |
                +----------------+     +-----------+
                        |
                        |
                +----------------+
                |   DMZ (DNS)    |
                +----------------+
This way, if you have a box trying to access the DNS from
Local Net, it has to be NATted through the firewall, hence the
IP address (name) of the firewall in DNS.
-> -----Original Message-----
-> From: Eden Li [mailto:eden.li@asu.edu]
-> Sent: Thursday, January 11, 2001 10:03 AM
-> To: plug-discuss@lists.PLUG.phoenix.az.us
-> Subject: Re: Bind errors
->
->
-> Actually, unless NAT is configured to do so, the source IP address
-> should stay the same, so any outside IPs should be logged as trying
-> to do zone transfers. Besides, zone transfers should only occur
-> between primary and secondary DNS servers; it should not be a
-> re-occurring thing as Mike is experiencing.
->
-> From: "Furmanek, Greg" <Grzegorz.Furmanek@asu.edu>
-> | I guess that sounds like an option.
-> |
-> | If you are NATing connections in your firewall, the
-> | bind box will see only the firewall IP; therefore
-> | it will think it is doing a zone transfer.