Services needed by the LLRF nanoEngines that will be placed on the private controls net: tftp I suggest setting aside a directory in tftp space with ownership such that I can one-step scp files into place. In the long run, I will set the computers up to boot from Flash, but that makes development ugly. I don't see a way to tell inetd/tftp to restrict access to only one interface. Two answers: don't worry, since read-only access is fairly innocuous, or turn on kernel-level firewalling to squelch incoming UDP packets on port 69 from the "wrong" interface. ntp No administrative concerns, just latency and reliability I will phase-lock the nanoEngine clocks to this server. NFS Similar administrative concerns to tftp, but only for convenient debugging; normal operations would probably not use this. syslog Linux syslogd comes with a "-r" switch to permit incoming syslog UDP packets to be logged. I don't see indication one way or the other on Sun's syslogd man page. The history of syslogd is to always accept network messages, and the syslog.conf man page suggests that passing syslog packets over the net is normal. I just sent some test syslog messages from lrd3 to spoke.csg, you might check to see if they came through. DNS Not really needed, but a nice convenience. The boot sequence is configured in terms of IP numbers. (based on a 19 Feb 2002 e-mail to Carl Lionberger)