forwarding and queries restrictions

[Barry Margolin]

In article <a3p8hn$o36 at pub3.rc.vix.com>,
Alexis Albinet  <albinet at fluxus.net> wrote:
>I use bind 9.2
>
>I have a problem with forwarding and restrictions on private domains.
>
>I have 2 name servers : An authoritative name server for my private
>domains and a cache name server which forward all queries to the
>autoritative one. I manage queries restrictions (allow-query
>private-lan1; private lan2; ...) on the authoritative name server.
>
>My hosts are asking the cache name server for DNS lookups.
>Then, the cache name server is asking the auth name server, and 
>I have noticed on the auth name server that the query source IP address
>is the cache name server one.
>
>I would prefer to see the first requester IP adress. Is there any way to
>do this ?

No.  When a machine sends a TCP/IP packet, its source address is the
address of the machine itself (unless the machine is some kind of firewall
or proxy).

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.