Homebrew RELEASE yaDNS-NX - Yet another DNS for connect your Switch to your WiFi without internet - In a docker

[PsychoRabbit]

This is a docker image with a nginx+bind9 server to allow your Nintendo Switch to connect on your WiFi network while disallowing access to internet or Nintendo servers.
A possible use of this is if you want to connect your Switch to your WiFi network only for FTP or if you don't have internet and the Nintendo Switch won't pass the two checks while connecting to your WiFi.

Note
This docker blocks every nintendo server, every *.nintendo.net and every *.nintendowifi.net


How to use:
You need to have docker installed on your system.

• Pull the image from Docker hub: docker pull luiscassih/yadns-nx
• Run the image: docker run --name yadns-nx -d -p 80:80 -p 53:53 -p 53:53/udp luiscassih/yadns-nx 192.168.1.27 where 192.168.1.27 must be your computer local IP address. You can check yours with a ipconfig, ifconfig or ip address, depending on your OS.
• On your Nintendo Switch network settings, change the DNS entry of your WiFi Network and set your primary and secundary DNS to your computer ip. e.g. 192.168.1.27
• Optional: If you declare a secondary DNS to a valid dns ip like 8.8.8.8 from Google, you will have internet access (no online gaming for the moment) but without a valid connection on nintendo servers.
• Note: If you have issues with the connection, you may check your firewall settings or if you have other services running on port 80 & 53.

If you are not familiar with docker usage, you may know the docker run command creates a container with the image and names it to yadns-nx, so you only need to run this once. After that (e.g. you restart your computer) you only need to do a docker start yadns-nx to restart the container.

Also if you want this docker to continue running after the system reboot, on the first time running the docker add --restart always to the running command

docker run --name yadns-nx -d -p 80:80 -p 53:53 -p 53:53/udp --restart always luiscassih/yadns-nx 192.168.1.27

But if the container was already created, you can update with:
docker update --restart always yadns-nx (or the container id)

Verify doing a docker inspect yadns-nx and looking for
"RestartPolicy": {
"Name": "always",
"MaximumRetryCount": 0
}

After that, the docker will start within the service on the system startup.

The way it works for the moment it's pretty simple, it will intercept any request made to *.nintendo.net and *.nintendowifi.net and respond with a 200 OK with X-Organization Nintendo header.

This is made for the people who doesn't want to download, install and configure a nginx+bind9 server and only want to connect simply for FTP or so.

You can also customize the nginx.conf to serve your own website instead of returning a simple "200 OK".



Guide for docker toolbox users, thanks to @zboubinou :
(This guide is for users who cannot install the standard version of Docker and needs to use Docker Toolbox)

Download and install docker toolbox as usual.

Create a docker VM using docker-machine create vbox in your docker directory or using the quick start terminal.

Once the VM is created, shutdown it. Go to virtual box and right click on your VM to access the configuration menu.
In network, add a bridge access to your computer wifi card by adding a virtual card or changing an existing one.

If you can't access your VM configuration using virtualbox, remove your VM and create a new one using docker-machine :

docker-machine create -d "virtualbox" --virtualbox-ui-type "gui" vbox

This way your VM will open like any other virtual box VM. Then you can shutdown it and add a bridge access to your VM.

Connect to the network on wich you want to ftp before launching the VM. Your VM has now an IP adress on your local network different from your computer IP.

Follow the How to use guide using your VM IP instead of your computer IP.


Also, you can host your own public DNS server
You need to configure your router to let pass the port 80 and 53 tcp and 53 udp to your computer. Then you need to change the ip on the docker run command and use your public ip. Example: if your public ip is 152.168.60.227, do
docker run --name yadns-nx -d -p 80:80 -p 53:53 -p 53:53/udp --restart always luiscassih/yadns-nx 152.168.60.227
and then you will have a public dns to share at 152.168.60.227
Every Switch has to put 152.168.60.227 in their Primary DNS. However, if they want to have internet while blocking nintendo server, they need to put 8.8.8.8 (or another valid) in their Seconday DNS.

Github Source: https://github.com/luiscassih/yaDNS-NX
Docker hub: https://hub.docker.com/r/luiscassih/yadns-nx/

 

[Scrlklk]

DNS sever gets timed out.
I am on macos, ports 80/53 are free and the firewall has already been turned off.

 

[PsychoRabbit]

DNS sever gets timed out.
I am on macos, ports 80/53 are free and the firewall has already been turned off.

Did you set the ports when you run the docker? The docker runs well? Try with "docker logs".
Another thing you can try is a "telnet yourlanip 53" to see if the port is listening outside your mac.

 

[sj33]

Curious, can we set the primary
DNS to 8.8.8.8 to connect to the internet without any connection to Nintendo? That seems like it would be useful for people who cannot set up docker.

 

[PsychoRabbit]

Curious, can we set the primary
DNS to 8.8.8.8 to connect to the internet without any connection to Nintendo? That seems like it would be useful for people who cannot set up docker.

If you set the primary DNS it will know where Nintendo is. But setting 8.8.8.8 as your secondary DNS, it will behave as you said, it will have internet connection without nintendo servers.
Later this week I'll update with only blocking update servers instead of everything *.nintendo.net / *.nintendowifi.net

Also, setting up Docker is really easy on every OS, just a few install commands or a pair of "next" clicks on windows

 

[sj33]

Actually I would prefer it to block all Nintendo servers! We already have an external DNS which blocks the update servers! I’d personally just like to be able to use FTP without any way for the console to ‘phone home’ back to Nintendo.

 

[vizzerx]

Did you set the ports when you run the docker? The docker runs well? Try with "docker logs".
Another thing you can try is a "telnet yourlanip 53" to see if the port is listening outside your mac.

Same here, not working.

 

[trueicecold]

I know this probably wont be pretty useful, but I made a docker image with a nginx+bind9 server to allow your Nintendo Switch to connect on your WiFi network but without accessing internet.
A possible use of this is if you want to connect your Switch for FTP access but with no risk of Nintedo updates. Also it can be used to DNS block nintendo services.

How to use:
You need to have docker installed on your system.

• Pull the image from Docker hub: docker pull luiscassih/yadns-nx
• Run the image: docker run --name yadns-nx -d -p 80:80 -p 53:53 -p 53:53/udp luiscassih/yadns-nx 192.168.1.27 where 192.168.1.27 must be your computer local IP address. You can check yours with a ipconfig, ifconfig or ip address, depending on your OS.
• On your Nintendo Switch network settings, change the DNS entry of your WiFi Network and set your primary and secundary DNS to your computer ip. e.g. 192.168.1.27
• Optional: If you declare a secondary DNS to a valid dns ip like 8.8.8.8 from Google, you will have internet access (no online gaming for the moment) but without a valid connection on nintendo servers.
• Note: If you have issues with the connection, you may check your firewall settings or if you have other services running on port 80 & 53.

The way it works for the moment it's pretty simple, it will intercept any request made to *.nintendo.net and *.nintendowifi.net and respond with a 200 OK with X-Organization Nintendo header.
Maybe I will update soon to allow access to nintendo servers for online gaming only.

This is made for the people who doesn't want to download, install and configure a nginx+bind9 server and only want to connect simply for FTP or so.

You can also customize the nginx.conf to serve your own website instead of returning a simple "200 OK".

Github Source: https://github.com/luiscassih/yaDNS-NX
Docker hub: https://hub.docker.com/r/luiscassih/yadns-nx/

Thanks a lot! I'll give it a try today

 

[PsychoRabbit]

Pushed new changes and made a new build of this docker. I forgot a to make a little change when passing from dev to release and forgot to remove my local ip address lol. I don't know how I forgot that .

Anyways, a new version of this has been built, if anyone still cannot make it to work, let me know please. Thanks.

Also, any changes you want me to make, let me know too.

 

[Catzilla]

• Run the image: docker run --name yadns-nx -d -p 80:80 -p 53:53 -p 53:53/udp luiscassih/yadns-nx 192.168.1.27 where 192.168.1.27 must be your computer local IP address. You can check yours with a ipconfig, ifconfig or ip address, depending on your OS.

if my computer local IP address is something else like 192.168.1.99 , can i set the DNSes on the switch point to this ip address and i replace the command for windows as "docker run --name yadns-nx -d -p 80:80 -p 53:53 -p 53:53/udp luiscassih/yadns-nx 192.168.1.99"?

Will it continue to work?

 

[PsychoRabbit]

if my computer local IP address is something else like 192.168.1.99 , can i set the DNSes on the switch point to this ip address and i replace the command for windows as "docker run --name yadns-nx -d -p 80:80 -p 53:53 -p 53:53/udp luiscassih/yadns-nx 192.168.1.99"?

Will it continue to work?

Yep, the IP DNS on the switch and the IP on the command should be the same as your computer ip, as this case 192.168.1.99, it should work

Note that if your local ip changes in any time after the first run, you may delete the older docker container and run the "docker run" command again to generate a new container with the new ip. Or exec a bash in your container and edit the IP manually.

 

[Catzilla]

Yep, the IP DNS on the switch and the IP on the command should be the same as your computer ip, as this case 192.168.1.99, it should work

Note that if your local ip changes in any time after the first run, you may delete the older docker container and run the "docker run" command again to generate a new container with the new ip. Or exec a bash in your container and edit the IP manually.

thank you i will try it later when i get home

 

[Catzilla]

Error response from daemon: Conflict. The container name "/yadns-nx" is already in use by container "bb73d56b237718facb34581c95556b17a633d9421934ffed5a2f11d5c70d1dc6". You have to remove (or rename) that container to be able to reuse that name.
See 'docker run --help'.

followed the guide but doesnt work the same way again after i restarted my PC. Any suggestions?

 

[PsychoRabbit]

Error response from daemon: Conflict. The container name "/yadns-nx" is already in use by container "bb73d56b237718facb34581c95556b17a633d9421934ffed5a2f11d5c70d1dc6". You have to remove (or rename) that container to be able to reuse that name.
See 'docker run --help'.

followed the guide but doesnt work the same way again after i restarted my PC. Any suggestions?

That because the "docker run" command creates a container, so after run it again it tries to create a container with the same name.
Do a "docker start yadns-nx" to restart the container.

I'll add this to the first post.

 

[Catzilla]

Think i got your tool working but just checking, when i select "Connect to this network" should i pass all checks including both Local Network and Internet? Or should i pass the connection to Local Network yet fail to connect to Internet?

Any easy way to check if everything is working as intended? Don't want the switch to call home.

 

[SagaXIV]

Made an account just to thank you for this little piece of docker. It's exactly what I needed!

@Catzilla: If configured properly, bot "checks" should go through, yes.

 

[Catzilla]

Made an account just to thank you for this little piece of docker. It's exactly what I needed!

@Catzilla: If configured properly, bot "checks" should go through, yes.

"I know this probably wont be pretty useful, but I made a docker image with a nginx+bind9 server to allow your Nintendo Switch to connect on your WiFi network but without accessing internet."

so its safe to pass the internet connection check with this tool? Abit confused by PsychoRabbit's statement about internet access. Want to make sure i didn't messed up.

 

[SagaXIV]

Long answer:

Let's put it simply, for the Switch to be connected "at all", be it on your LAN, it needs a response from the Nintendo servers when checking internet connexion. This docker, as I understand it, 1) block Nintendo's DNS, 2) send that repsonse in stead of Nintendo's servers. My Switch internet access is blocked on my router, so it can acess Internet at all, but as long as it dosnt have that "response" from servers, it simply dosnt connect to lan as well.

So now, my switch is connected to LAN (meaning I can use FTPD, for exemple), but since I blocked it on my router it dosnt acess Internet.

Short Answer: I think it's never totally safe to go online with a modded Switch. See if that docker suits up your needs.

 

[PsychoRabbit]

It pass the two nintendo checks because like SagaXIV said, this docker sends a response to the switch instead of Nintendo.
As long as you put only your computer ip in the DNS settings on the Nintendo Switch, you will not have internet access. So if you go to the eshop it simply won't load.

 

[Catzilla]

It pass the two nintendo checks because like SagaXIV said, this docker sends a response to the switch instead of Nintendo.
As long as you put only your computer ip in the DNS settings on the Nintendo Switch, you will not have internet access. So if you go to the eshop it simply won't load.

ok i think everything's working as described. Thanks for this useful tool and help along the way!
The only trouble i have was Docker being stupid and doesnt work properly after every PC reboot. Dockers was set to automatically boot up along with Windows but I have to restart Dockers after that every time for it to work.