First of all, thanks for the answer! Unfortunately, there are a lot of things that I don't really understand yet.
1. What do you mean by burning fuses? I figured I'd just update the sysNAND through Wifi as usual if it becomes a necessity in the future (however CFW gives more control over which version you'd want to update to and if I'd wanted to do that I could use Daybreak again, but this time on sysNAND /w Atmosphere).
2. This is a situation where one experienced and seemingly knowledgable user tells me one thing and the other tells me something else. I've found so much info about this and contradictory statements it's really confusing.
The NH Switch guide suggested using this emummc.txt file in atmosphere/hosts as your DNS-MITM redirection config (note how the top line comment mentions this is a "90 DNS equivalent":
# 90DNS-equivalent
# 90DNS-equivalent
127.0.0.1 *nintendo.com
127.0.0.1 *nintendo.net
127.0.0.1 *nintendo.jp
127.0.0.1 *nintendo.co.jp
127.0.0.1 *nintendo.co.uk
127.0.0.1 *nintendo-europe.com
127.0.0.1 *nintendowifi.net
127.0.0.1 *nintendo.es
127.0.0.1 *nintendo.co.kr
127.0.0.1 *nintendo.tw
127.0.0.1 *nintendo.com.hk
127.0.0.1 *nintendo.com.au
127.0.0.1 *nintendo.co.nz
127.0.0.1 *nintendo.at
127.0.0.1 *nintendo.be
127.0.0.1 *nintendods.cz
127.0.0.1 *nintendo.dk
127.0.0.1 *nintendo.de
127.0.0.1 *nintendo.fi
127.0.0.1 *nintendo.fr
127.0.0.1 *nintendo.gr
127.0.0.1 *nintendo.hu
127.0.0.1 *nintendo.it
127.0.0.1 *nintendo.nl
127.0.0.1 *nintendo.no
127.0.0.1 *nintendo.pt
127.0.0.1 *nintendo.ru
127.0.0.1 *nintendo.co.za
127.0.0.1 *nintendo.se
127.0.0.1 *nintendo.ch
127.0.0.1 *nintendo.pl
127.0.0.1 *nintendoswitch.com
127.0.0.1 *nintendoswitch.com.cn
127.0.0.1 *nintendoswitch.cn
95.216.149.205 *conntest.nintendowifi.net
95.216.149.205 *ctest.cdn.nintendo.net
So I'm kinda assuming it at least tries to accomplish the exact same thing as 90DNS (which I've also seen other people saying shouldn't be used anymore). After a suggestion from another user, I also looked at the rentry guide on DNS-MITM and Exosphere. What I have right now is basically the file above (cause it includes all the redirects from the rentry guide) and exosphere.ini files in the root of my SD card and emummc/RAW1. My emuMMC is on 17.0.1, so what you're saying is if I were to remove the emummc.txt then exosphere would prevent my console from booting into what, both sysNAND (still on 16.0.3) and emuNAND? So it's essentially another layer of security that ensures that DNS-MITM is doing its thing?
And just to clarify, your suggestion would be to use 90DNS only?
3. Okay, that is good to know. Makes me wonder though why I saw people saying they were fucked after accidentally updating to 18.0.0 (how can that even happen if you block the Nintendo servers?).
4. I can't tell what exactly the difference is between those two methods because I don't know what's happening in the background, what I do is inject the hekate_ctcaer_6.1.0.bin payload, inside hekate I just launch into emuMMC, sounds like the method you're recommending. So just overwriting the hekate_ipl.ini was actually right. Still, there might be an issue with my sigpatches, but I need to look into it further.
5. Alright, mental note taken, thank you.