The attempts of malicious access and attacks from the Internet to the internal computers of organizations never stop today and corresponding countermeasure for each technique is required. Most organizations introduce some firewall facilities as one of the solutions to protect their internal computers as well networks from those attacks. However, in most organizations, the network administrator has to deploy the policies on the firewall system manually based on the layer 3 and 4 information and only identified communication peers can be controlled by the policy-base firewall system. To solve these problems, we focused on the domain name resolution which happens prior to most TCP/IP communications and approach a new mechanism: adaptively investigable firewall system based on DNS query initiator by notifying the DNS query side client IP address to the target DNS server. In this paper, we mainly present the detail of design and implementation of the client IP address notification feature in the caching DNS server by embedding the subnet address as well as subnet mask of the query source client by practically using the DNS expanded standard (EDNS0).