Slashdot Mirror
Root Zone Changed
An anonymous reader writes "The day before yesterday the root zone was silently changed for the first time in 5 years. The change was to J.ROOT-SERVERS.NET that is now managed by Verisign. The usual sites don't breathe a word about this change however as one would expect for such a change to be properly announced. An interesing sidenote is this thread on the IETF discussion list." the_proton writes "The server j.root-servers.net has changed IP address to 192.58.128.30. The new root zone hints can be grabbed from ftp://rs.internic.net/domain/named.root or ftp://ftp.internic.net/domain/named.root.
The new zone serial number is 2002110501."
Maybe someone could explain to us newbies how this affects the operation of the Internet.
the internet. Don't every one go J.ROOT-NET.NET now.
Whenever I go near a "root zone" I end up getting pepper sprayed and charged with sexual assault.
Trolling is a art,
....the day before. See the message. Granted not much warning, but it wasn't silent.
that we are going to need Microsoft passport to make changes to DNS now?
In the free world the media isn't government run; the government is media run.
are there written protocols & procedures for this activity agreed upon by the community?
where's the oversight? who made the decision that changed the root zone? A *.int (intl. exchange) entity should mandate or govern root zone oversight, not some U$ corporate shill.
Following the recent DOS attacks against the root servers, it wouldn't surprise me if this move is only a small part of a bigger story. I'm willing to bet that modifications are being made to the networking and security of the root servers that will better prepare the entire root system for future attacks. The move of J. is probably just the tip of the clandestine "ice berg".
Skiers and Riders -- http://www.snowjournal.com
To sum up: You don't need to change anything. As long as one of the 13 servers in your hints/cache file responds, your name server will download the updated list on startup. You only have to worry if you've put off updating it so long that all 13 servers have changed IP's. Pretty unlikely, since that would be a hints file that's more than 10 years old at least. (You're not running Linux, anyway...)
And no, this isn't verisign-causing-instability-as-usual. They're actually trying to help it. Before this change, both a.root-servers.net and j.root-servers.net were in the same
Anyone that cares and needs to know about it was properly notified. There was a post to NANOG 3 days ago about it:
*****PLEASE NOTE*****
This is an important Informational Message to the internet community:
November 5, 2002, the IP address for J.root-servers.net will
change in the authoritative NS set for "dot". The change will
be reflected in zone serial # 2002110501.
The new set of servers authoritative for "dot" will be:
A.ROOT-SERVERS.NET. 5w6d16h IN A 198.41.0.4
H.ROOT-SERVERS.NET. 5w6d16h IN A 128.63.2.53
C.ROOT-SERVERS.NET. 5w6d16h IN A 192.33.4.12
G.ROOT-SERVERS.NET. 5w6d16h IN A 192.112.36.4
F.ROOT-SERVERS.NET. 5w6d16h IN A 192.5.5.241
B.ROOT-SERVERS.NET. 5w6d16h IN A 128.9.0.107
J.ROOT-SERVERS.NET. 5w6d16h IN A 192.58.128.30
K.ROOT-SERVERS.NET. 5w6d16h IN A 193.0.14.129
L.ROOT-SERVERS.NET. 5w6d16h IN A 198.32.64.12
M.ROOT-SERVERS.NET. 5w6d16h IN A 202.12.27.33
I.ROOT-SERVERS.NET. 5w6d16h IN A 192.36.148.17
E.ROOT-SERVERS.NET. 5w6d16h IN A 192.203.230.10
D.ROOT-SERVERS.NET. 5w6d16h IN A 128.8.10.90
This WILL require a change to your root hints file. The new
file will be available via anonymous ftp from
rs.internic.net:/domain/named.root as well as
ftp.internic.net:/doamin/named.root starting 11/5/02 1700UTC (12pm
EST/9am PST).
Both the new and old j.root-servers.net IP space will provide
answers in parallel for the foreseeable future.
_________________________________________
John Crain
Manager of Technical Operations
ICANN/IANA
crain@icann.org
1AF4 F638 4B2D 3EF2 F9BA 99E4 8D85 69A7
that DDOS attacks are covered under the U.S.A.
"Patriot" Act.
Very truly yours,
J. Ashcroft
_)*&^%$$
Be Patriotic: Smoke Amerikan Grown Marijuana
This move is "a good thing".
The J server shared a broadcast domain (i.e. it was on the same Ethernet) as the A root server. That's was clearly sub-optimal.
So this move is good in that it creates a small bit of physical separation and a bit larger amount of net-topological separation between the J and A root servers.
I hear that the old server will continue in operation for an indefinite period - so there is no need to rush out and update your "hints" file for your DNS resolvers - you can do it at your leasure and you probably won't notice even if you forget to do it.
(Even if the old server is turned off - as long as a bogus server doesn't replace it, when DNS resolvers that are using the old hints file come up and look for a root zone definition, they will simply bypass the non-responsive absent server and try the other hints.)
But there is another issue - A change in the "hints" is always a nuisance. And since we are incurring this nuisance, I wonder why we did not use this as an opportunity to redress the imbalance of root server placement - there are few root servers in Europe and Asia, and rather than simply moving the J server from one side of Herndon, Virginia to another, why wasn't it moved to Europe of Asia?
"Causing instability as usual"?
You only need one root server, there are 12 others. In fact, it safe to just wait until the next time you upgrade BIND or your operating system... running an out of date file won't hurt anything.
There was no reason to announce anything here. This is really a non-event.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
An anonymous reader writes
;)
Ok. I got that. Next.
"The day before yesterday the root zone was silently changed for the first time in 5 years.
That's english at least. Something changed. Hopefully the rest will tell me what.
The change was to J.ROOT-SERVERS.NET that is now managed by Verisign.
Verisign's evil, right?
The usual sites don't breathe a word about this change however as one would expect for such a change to be properly announced.
Conspiracies are bad, right?
An interesing sidenote is this thread on the IETF discussion list." the_proton writes "The server j.root-servers.net has changed IP address to 192.58.128.30. The new root zone hints can be grabbed from ftp://rs.internic.net/domain/named.root or ftp://ftp.internic.net/domain/named.root. The new zone serial number is 2002110501."
[Brain explodes]
(Isn't it amazing when you read something written in your own language and don't understand a word of what's being said?)
Triv
> The new root zone hints can be grabbed from ftp://rs.internic.net/domain/named.root or ftp://ftp.internic.net/domain/named.root.
/var/named/ (or wherever you installed it).
For those running bind, you may want to try this instead:
dig @e.root-servers.net . ns > root.hints
It will generate the root list automatically, ready for you to drop into
This post is leaving out some details that were brought up on the NANOG mailing list.
This is not a change that needs to be done immediately. For one thing, there are 13 (A - M) root servers. As long as your name server can contact one of them, it will download the latest list at start-up, so your root file can be fairly out of date, and still be fine when running.
Also, the announcement says that the server will respond on both IP addresses "for the forseeable future".
This isn't a question of flipping a switch and everyone having to update their servers at once. A big public announcement would probably just have confused most users for no good reason.
Since when I look up the SOA record for the root domain, it gives a serial number of 2002110700 instead of 2002220501.
The root zone corresponds to the '.' at the very end of the domain names. The root name servers have records for .com,.org, and the national (.uk,.dk etc.) etc. DNS servers. If you ping cr.yp.to (DJB's domain), for example, and your DNS server has never seen a .to domain before, it'll query one of the root name servers for a name server authoritative for .to.
Please don't /. the named.root files Don't click on it just because you're curious to see what they look like. People need to legitimately access those files to update their DNS servers and flooding the FTP with meaningless requests is highly counterproductive.
/. to let this happen. Slashdotting a news site is one thing, but Slashdotting internic is a very different can.
Also, Slashdot editors, why even let those links get posted? Every person with a browser is clicking on those to see what they look like and making them inaccessable to people who need them. People who need to see them or access them know where they're at already and people who are that curious should exercise a little personal initiative and go find out where to get them. It's irresponsible on the part of
Some people take their .sig way too seriously
I hear flowers and or chocolates will reduce the number of macings a geek will suffer in his lifetime.
You could also ask before you go rooting around the garden.
Boobies never hurt anyone. - Sherry Glaser.
[OS/390]$ whois root-servers.net
.com, .net, and .org domains can now be registered
.COM, .NET, .ORG, .EDU domains and
[whois.crsnic.net]
Whois Server Version 1.3
Domain names in the
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: ROOT-SERVERS.NET
Registrar: NETWORK SOLUTIONS, INC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: A.ROOT-SERVERS.NET
Name Server: F.ROOT-SERVERS.NET
Name Server: J.ROOT-SERVERS.NET
Name Server: K.ROOT-SERVERS.NET
Updated Date: 23-aug-2002
>>> Last update of whois database: Thu, 7 Nov 2002 05:05:26 EST <<<
The Registry database contains ONLY
Registrars.
[whois.networksolutions.com]
The Data in the VeriSign Registrar WHOIS database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information about
or related to a domain name registration record. VeriSign does not guarantee
its accuracy. Additionally, the data may not reflect updates to billing contact
information. By submitting a WHOIS query, you agree to use this Data only
for lawful purposes and that under no circumstances will you use this Data to:
(1) allow, enable, or otherwise support the transmission of mass unsolicited,
commercial advertising or solicitations via e-mail, telephone, or facsimile; or
(2) enable high volume, automated, electronic processes that apply to VeriSign
(or its computer systems). The compilation, repackaging, dissemination or
other use of this Data is expressly prohibited without the prior written
consent of VeriSign. VeriSign reserves the right to terminate your access to
the VeriSign Registrar WHOIS database in its sole discretion, including
without limitation, for excessive querying of the WHOIS database or for failure
to otherwise abide by this policy. VeriSign reserves the right to modify these
terms at any time. By submitting this query, you agree to abide by this policy.
Registrant:
VERISIGN GLOBAL REGISTRY SERVICES (ROOT-SERVERS-DOM)
21345 Ridgetop Circle
Dulles, VA 20166
US
Domain Name: ROOT-SERVERS.NET
Administrative Contact:
Internet Assigned Numbers Authority (IANA) iana@IANA.ORG
4676 Admiralty Way, Suite 330
Marina del Rey, CA 90292
US
310-823-9358
Fax- 310-823-8649
Technical Contact:
VeriSign Global Registry Services (REGISTRY) nocnoc@VERISIGN.COM
21345 Ridgetop Circle
Dulles, VA 20166
US
703-948-7064
Fax-703-421-6703
Record expires on 05-Jul-2005.
Record created on 04-Jul-1995.
Database last updated on 7-Nov-2002 15:25:52 EST.
Domain servers in listed order:
A.ROOT-SERVERS.NET 198.41.0.4
F.ROOT-SERVERS.NET 192.5.5.241
J.ROOT-SERVERS.NET 198.41.0.10
K.ROOT-SERVERS.NET 193.0.14.129
A short blurb on this appeared in my local paper today (they don't have it online, sorry). The gist of it is Verisign physically relocated the server to another building on their campus. The stated intent was (1) to move it to an undisclosed location in the interest of physical security, and (2) to get it off a network segment that another root server (a.root-servers.net) was already on.
I'm guessing (and yes, guessing) that it was just to be conservative. There's probably a lot less to do, far fewer people to involve to move a machine across town, that to implement a geographically distributed bunch of servers. Setting up a DNS server and plugging it in might be easy, but coordinating different teams, new locations, procedures, languages for administration etc. isn't trivial.
In fact it's probably a little fiddly procedurally, and a lot fiddly politically. Probably one of those things that gets mired for years.
Does this have to do with the DDOS attacks that happened a couple weeks ago? Why else would they not make an announcement? OTOH, the perpetrators of the attacks wouldn't be fooled for long by a name change.
FoundNews.com - get paid to blog.,
The server j.root-servers.net has changed IP address to 192.58.128.30.
Wow, that's pretty close to my home network address!
SpamNet - a spam blocker that really works
j.root-servers.net was 198.41.0.10 in 198.41.0.0/22, owned by VeriSign Global Registry Services.
j.root-servers.net is 192.58.128.30 now, in 192.58.128.0/24, owned by VeriSign Global Registry Services.
Having both a and j in the same netblock was not a good idea (remember what happened to Microsoft when they had all nameservers in the same netblock?).
See ARIN and ARIN again.
Simple: You know there is a nameserver for slashdot.org, right? You find that nameserver by asking the org nameserver where it is. And how do you find the org nameserver? You ask the root nameservers. The zoot zone is the base zone of the Internet (just like / is the base of the file system in Unix).
'Sensible' is a curse word.
$ ftp rs.internic.net
Connected to rs.internic.net (198.41.0.6).
in.ftpd: error in loading shared libraries: libdl.so.2: cannot open shared object file: Error 23
ftp>
Slashdotted an FTP server. On some sort of *nix. Ouch.
[root@localhost named]# perl -pi.orig -e "s'198.41.0.10'192.58.128.30'" /var/named/named.ca
/var/named/named.ca /var/named/named.ca.orig
[root@localhost named]# diff
67c67
< J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
---
> J.ROOT-SERVERS.NET. 3600000 A 198.41.0.10
When the change was announced, they noted specifically that the current J.ROOT-SERVERS.NET will stay in existance with it's current IP (just no direct DNS entry) and the new one has been moved to a different IP block for DoS protection... The current one will exist for awhile to come.
This isn't really news...
Sig (appended to the end of comments you post, 120 chars)
I wasn't going to click the link, but you make it sound soooooo naughty... ;)
2. This will be seemless to properly configured DNS.
3. This was to move the server to a different subnet from it's 'mirror' for significantly improved reliability.
4. Profit!!!
As long as one of the 13 servers in your hints/cache file responds, your name server will download the updated list on startup.
Can someone tell me why thirteen is the magic number of servers? And why that number apparently hasn't changed in all these years?
Score -1: Clueless....
(hint: Read RFC1918 before posting)
Michael Sims, you're a fucking idiot. You know nothing about the way the internet works. In no way, shape, or form does this cause any instability whatsoever. It improves stability, however slightly.
You might want to stick to articles about politics or censorship or something. Technical issues don't appear to be your forté.
You must put this in your /etc/dnscache/root/servers/@ file :
3 6.4
1 92.5.5.2414 .12
128.63.2.53
128.8.10.90
128.9.0.107
192.112.
192.203.230.10
192.33.4.12
192.36.148.17
192.58.128.30
193.0.14.129
198.32.6
198.41.0.4
202.12.27.33
{{.sig}}
If your DNS admin has some savvy, this link should work for you.
If not, visit
OpenNIC and then ask your DNS admin to support OpenNIC and erode ICANN's dictatorial regime.
So long, and thanks for all the Phish
You are correct... The following are for private IP addresses (e.g. for NATing):
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
This is according to RFC 1918.
B*B,
-Smoke.
How is this [named.root/db.cache] kept up to date? As the network administrator [of your local network], that's your responsibility. Some old versions of BIND did update this file periodically. That feature was disabled, though; apparently it didn't work as well as the authors had hoped. Sometimes the db.cache file is mailed to the bind-users or namedroppers list mailing list. If you are on one of those lists, you are likely to hear about changes. (pg 68)
Bottom line: If you run a nameserver it is your responsibility to keep it up to date. That includes knowing how changes are announced. BIND has also had several well known security problems. If you are running a version < 8.2.5 you should upgrade that as well.
FreeSpeech.org
The usual sites don't breathe a word about this change however as one would expect for such a change to be properly announced.
.-zone. After that has been found, this data is not needed anymore.
The impact of this change is close to zero. The announcement is only necessary for people who distribute name-server software. Why?
- Only the hints-file needs to be changed. The hints file bootstraps the DNS software on where it can find the
- There are still 12 other perfectly reachable servers in the hints-file. They give you all the information needed.
- On the old IP address, a server will keep running for a while.
- Unless you're working for an ISP, you don't need this information. The majority of the internet (windows users) don't have to change anything, they just run use their ISPs nameservers. The majority of the minority of the internet also use the nameservers of the ISP. Only a relative small group run their own servers.
So dear anonymous writer, don't be afraid, the internet is not going to break because of this. No reason for panic, all is fine.
bash$
If that was intended as a joke, it sucked.
/26 or so. This way the chances are low that any private network I want to set up a tunnel with will conflict with my address space...
If not, it is stupid.
The IP addresses that are reserved for private use are:
10.0.0.0/8 (10.x.x.x)
192.168.0.0/16 (192.*168*.x.x)
172.16.0.0/12 (172.16-31.x.x)
Quite frankly, I'm not sure why 99.9% of the network administrators gravitate towards 192.168.1.0/24 as their private network address... Even I chose 192.168.123.0/24 as my network, so I'm partially guilty....
If it is going to always stay a private network, why not just use the full class B? If trying to plan for communications with other private networks in the class B range, why pick something so common?
I personally have started using 10.(random).(random).0/24 when setting up class C networks. When *really* limited use, I constrict it to
Of course I have yet to see 172.16.0.0/12 used by anyone, it's just too damn weird. What's the point? Some routers can't even handle non class a/b/c addresses... But saying you used the class B and a half private network should earn points on some scale..
XML is like violence. If it doesn't solve the problem, use more.
I'm surprised that only one poster has even noticed that Slashdotters are barking up the wrong tree, but even (s)he didn't quite make the connection.
For the most part, root.hints files are maintained by OS/Distribution maintainers, not DNS admins. The hints file is only used to bootstrap a DNS server which will (well, should) retrieve an authoritative copy of the root zone shortly after startup and then rely on that instead. As long as just one of the 13 root server IP addresses listed in a DNS server's root.hints file is correct, the server will successfully retrieve the updated root zone. At the rate at which changes are made to the root zone (or at least, to its delegated servers), it is likely that this condition will hold true for the next 10-20 years.
So, as long as DNS server admins perform an OS upgrade sometime between now and the year 2012, they need not touch their server configuration at all; the change will be handled automatically.
If your immediate DNS handled a request for slashdot.org two seconds previously, it should still be cached -- no need to bother a root server over that. Any request would have go up several levels before a root server would be bothered with it. (Otherwise they'd be continually /.'ed :^)
The root servers could all disappear without a lot of disruption, but only for a short time until the cache entries started timing out.
My backup plan is to toss the entire name space into my local hosts file. I've already got DoubleClick in there for testing. :^)
One line blog. I hear that they're called Twitters now.
As the href="http://computerworld.com/newsletter/0%2C4902 %2C75711%2C0.html?nlid=AM"article in Computer World explains, the move of the DNS server was done for both physical seperation and to move it onto a different LAN segment.
The previous serial number was 1997082200, updated on August 22, 1997.
Well there's not a 'clueless' moderation .. :) I'm kidding,
to answer your question: No. As many other comments have stated there are 13 root servers, if one went down your client's request would simply go to another one. But even 'J' has not completely switched over yet as it will still respond to the old IP address, according to the article for hte "foreseeable future".
So no your DNS problems are probably related to Windows or clueless users or a combination of the two.
The Anti-Blog
> > The new zone serial number is 2002110501.
> What was the old serial number?
1997082200
Beware: In C++, your friends can see your privates!
We're using part of the 172.16.0.0/12 where I am currently . . .
Al Qaeda has ninjas!
our company www.mobilepenguins.com uses all 3 of the reserved ranges. We handle the network for an accounting company next door, and have two seperate lans internally. We decided to use all 3 ranges so its super easy to tell where a computer is when checking logs ("oh, its a 10.x.x.x. box, must be a bean counter").
Lawyers, MBA's, RIAA? A jedi fears not these things!
Ummmm....
1. Thanks for pointing that out, I never realised 'forte' meaning 'strong point' came from the French (my British-English etymological dictionary bears that out as well). Interesting.
2. Did you have to be so damn rude about it? I very nearly modded you down as a troll...
- Oliver
The right to bear arms is only slightly less stupid than the right to arm bears...
I just noticed that the new file is no longer available via gopher ;)
/domain/named.root
/domain/named.root
Old file:...
under anonymous FTP as
; file
; on server FTP.RS.INTERNIC.NET
; -OR- under Gopher at RS.INTERNIC.NET
; under menu InterNIC Registration Services (NSI)
; submenu InterNIC Registration Archives
; file named.root
New file:
; This file is made available by InterNIC
; under anonymous FTP as
; file
; on server FTP.INTERNIC.NET
1. I had a teacher in high school whose only gig was vocabulary. I absolutely hated it then, but I do know a lot of words now...
2. No, but it sure was fun.. and he was being a jackass, so I was just speaking his language. I've been here long enough to not be afraid of the moderators (hell, I am one most of the time), otherwise I would have checked the "no +1 bonus" and "post anonymously" boxes.
A data center I worked in used all three classes for various functions. the 192 network was for all the desktops and small department servers in the corporate network. The big HP unix application and database servers in the ASP were on both the 172 and the 10 network. All the Linux and MS servers were on the 10 network.
http://www.cnn.com/2002/TECH/internet/11/07/intern et.attacks.ap/index.html
A couple of points.
.org).
.GTLD-SERVERS.NET. that server .org.
First, J is not more important than the rest; it's just one of the root servers, period. All the others do not "get their info" from J. (unless I'm missing something)
When a dns lookup happens.... the querying dns server, if it doesn't know the answer, asks one of the root servers for the NS record.
Let's pick an address, like www.slashdot.org
I ping www.slashdot.org
My computer's resolver asks it's specified nameserver for the A record for www.slashdot.org
As I haven't looked at slashdot for a while, and my nameserver doens't have the answer cached, it doesn't know, so it then asks one of the ROOT SERVERS for the NS record for www.slashdot.org
(it does not simply ask for
The root server returns the closest match it has... which in this case is a list of I think 13 servers (A through M)
It then sends a query to one of THOSE nameservers, asking the exact same thing... getting a better answer each time.
In each case, the server actually requests the full domain... not just a piece.. as it narrows in on the right server to get the answer from.
We use the 172.16.0.0/12 range where I work now. My last place of employment used 10.0.0.0/8, but with about 30 locations across the US, they had a good reason. The second byte was used to indicate which site a machine was at, so each site had two bytes of address space to assign numbers sensibly.
Hey kids, there's only 5 days left 'til Yak Shaving Day!
Just a few points here: - I don't think there's a conspiracy here. J is moving and that's it. ICANN does not have to go "stop the presses! J ROOT SERVER is moving". They just have to release the new hints file. There's no need to panic, as someone posted before. - The 13 root servers were attacked, A (hosted by Verisign at undisclosed location ) survived the attack and J didn't. Why not move J to a safer place? - Improving the security of the root servers is a *good* thing, not a bad one. The root servers network is a sensitive one, and everything done there must be done very carefully, especially after the DDoS. - Go get some sleep, the root servers around the world will grant you the right to translate IP addresses :)
So they say they are the dot in dot com, but they should really say they are the dot in dot com dot, because they are really the dot after com not the dot before com. However this last dot is often forgotten, it really means the name is absolute rather than relative. This is very much like the leading slash in paths to files.
Hmm, now I'm writing on slashdot about leading slashes and trailing dots, what a coincidence.
Do you care about the security of your wireless mouse?
dig . soa >
And restart your nameserver.
echo '[q]sa[ln0=aln80~Psnlbx]16isb572CCB9AE9DB03273snlbxq' |dc
There's a fairly terse intro to how DNS actually works at http://cr.yp.to/djbdns/intro-dns.html.
The documentation uses examples in tinydns data format, as it is the software the author has written to handle DNS queries.
- Michael T. Babcock (Yes, I blog)
This word, meaning "strong point," from French fort, meaning "strong," can be pronounced with one syllable, like the English word fort, or with two syllables. The two-syllable pronunciation, (fôrt), is probably the most common in American English, but some people dislike it, arguing that it properly belongs to the music term forte from Italian.
It was discussed on alt.english.usage a long time ago, and I have taken it upon myself to add an accent, similar to café to show what I consider the correct pronunciation, at least on my side of the pond. Every time I hear it here (mid-Atlantic region of the US), it's two syllables.
Slashdot is a global communication device. I try not to judge people based on their spelling or grammar. I was lambasting someone for making snide comments about technological issues, when they were obviously lacking in knowledge on those issues. I think, although perhaps rude, that I was, technically, correct. You, however, make the assumption that everyone lives in your neighborhood, went to your school, dresses like you, acts like you, and should therefore think (and speak) like you.
It's OK to flame someone for a spelling mistake if they were in turn flaming someone for a spelling mistake. If you think you 'won' the argument by pointing out a technical flaw in my writing, perhaps you should take a course in logic and reasoning.
P.S. I consider the OED to be the final word on these kinds of disputes. The OED says the two-syllable pronunciation is just fine. The accent mark is my own little attempt to change the world. Have a nice day.
We use 172.x.y.0/24 here ... :)
- Michael T. Babcock (Yes, I blog)