DNS and Basic SEF7.0 config question

Status
Not open for further replies.

yowza

Technical User
Nov 28, 2001
121
US
I inherited probably the worst configuration imaginable. Being new to SEF7.0 I have been reading the manual for the last day or so and have a few questions. Our config from the inside going outside is basically Directory Server through Raptor, through Pix525 Firewall, to several specific servers on the net. One server requires access to a specific server on the net. The other server requires access to our DMZ (outside the Raptor, inside of Pix). The other 2 servers will not ever require access through the raptor. The 4 servers behind the Raptor are connected via a dumb hub.

1. From my standpoint, we do not need DNS. The hosts file will suffice. Is this a good way to go or should I reconsider?

2. What is the recommended way to turn DNS off? I read how to configure/set it up but am hesitant in trying to undo this since I haven't worked with SEF7.0.

3. I tried to reconfigure an NT box without a DNS entry and it put the gateway entry in for the DNS. I suspect I will probably have problems configuring the NT servers for no DNS.

4. Network Entities - Will I need to define a hosts entity in the Network Entities section for the 2 servers that will not pass traffic through the Raptor? Seems to me that the dumb hub would handle that.

5. I saw where you need to put 127.0.0.1 for the searchorder if you use DNS, but didn't find out how to tell it to use the /etc/hosts file. Anyone know how?

Any help or suggestions are greatly appreciated. If you can even direct me to some documentation other than the config guide I am going through now, I'd appreciate that too.

Thanks,
yowza
 
2 NICs are required. Raptor will need a Domain Server to function properly with min. administration; without it, hosts files are a pain to maintain. I tried to configure by using external DNS and never had it functioning properly, especially if you have a mail server behind RAPTOR. Once I set up DNS behind Raptor, using Raptor as the cache forwarder, everything is working to perfection. You will also need to go to DNSD in RAPTOR to set up that area for your internal boxes, ex: mail, DNS, excursion, internal interfaces, and so forth. Raptor requires a host file with bare min. info; here is the local part, do not forget the DNS part.
#Local host info
xxx.xxx.xxx.xxx sysxx.mydomain.com sysxx
127.0.0.1 local.mydomain.com localhost

Host entities: for the 2 servers to pass through, you will need to figure this as 2 separate hosts, and you can use 1 rule to take care of the servers, admin and so on.

The less rules, the less confusion, create groups to help keep rules to a min. Put those servers in a group and apply the group to the rule.

As for your dumb hub, trash it. Never put servers on a hub: you slow your speed and you keep cutting the bandwidth with every connection. USE A SWITCH instead; save the heartaches now instead of having them later. For ex: 10mb hub, 10 connections all full, 10/10 = 1mb per port. Do not forget you have an uplink, so you must share that also.
 
Thanks for the info captnstiles. As I mentioned in the post, we do not want or need DNS. I have the dnsd turned off and everything seems to be ok so far. Guess my next step is to remove the entries in the DNS tab and see what happens.
 