Homebrew RELEASE 90DNS: DNS server for blocking all Nintendo Servers

TheGlow

Can this be combined with pi-hole on the same box without either interfering with one another?

Edit: Yes it can. Just put dnsmasq.conf from the 90DNS repo in /etc/dnsmasq.d as "02-90dns.conf" or something similar, replace all instances of "192.168.0.1" in it with your pihole's IP, save the file, then run "pihole restartdns".

Edit edit: For the lazy:
Code:
sudo wget https://gitlab.com/ao/90dns/raw/master/dnsmasq/dnsmasq.conf -O /etc/dnsmasq.d/02-90dns.conf
sudo sed -i -e "s/192.168.0.1/$(hostname -I)/g" /etc/dnsmasq.d/02-90dns.conf
pihole restartdns
Late to the party, but been trying pihole and this worked like butter. Thanks.
Edit: Actually this seems to have broken my dns altogether.
And manually adding blacklist exceptions to the Nintendo servers seems to make my Switch fail the internet check so I can't get on.
 

Localhorst86

How did it break your dns? All you did was add an additional rule set to your pihole, which is your dns.

Your system needs to access the ctest.cdn.nintendo.net url and expects a 200 http response (see the selfhost instructions in the 90dns gitlab for more details).

The way I have set it up is to block all Nintendo urls on my router so no traffic to Nintendo servers can leave my local network (only applied to specific devices, though, so only my switch is affected by this).

I have then installed pihole and nginx as docker containers on my raspberry pi and have pihole set up to redirect the url ctest.cdn.nintendo.net (and another one) to the nginx docker running on the same raspberry pi.

Works like a charm for me.
 

TheGlow

I'm still learning the home labbing portion. I followed the steps xdpirate provided and for whatever reason the DNS service wouldn't run anymore. It wasn't until I went back in and deleted the 02-90dns.masq did it let me restart the service properly. So I know enough to get the ball rolling but not really troubleshoot much else. Selfhosting direction seems confusing. Like I saw the 90dns.masq file but didn't seem to have any IPs in it, so this is all over my head. Hence I thought just adding it all in a blacklist would work, but apparently that's not valid. His steps also mentioned changing the IP, and I searched 192 and 172 and didn't find anything, so not sure I'm missing something.
 

Localhorst86

I don't know who xdpirate is and what steps he provided you with. Or where you get the 02-90dns.masq file from or what it contains.

When you open the file in a text editor, what does it look like? Maybe you downloaded the HTML representation of the gitlab page instead of the RAW text.
 

TheGlow

"
sudo wget https://gitlab.com/ao/90dns/raw/master/dnsmasq/dnsmasq.conf -O /etc/dnsmasq.d/02-90dns.conf
sudo sed -i -e "s/192.168.0.1/$(hostname -I)/g" /etc/dnsmasq.d/02-90dns.conf
pihole restartdns"
Ok, I see what you mean. If I went on pc and did save as, I get html. But if just clicking it, I get the real file. Odd. Also I see now the repo had changed so I'm a bit puzzled on what it stuck in there then.
I changed the command to the new location, sudo wget https://gitlab.com/a/90dns/raw/master/dnsmasq/dnsmasq.conf -O /etc/dnsmasq.d/02-90dns.conf and when I do a vi on the new 02-90dns.conf it's normal. That sudo sed command didn't seem to do anything.
So I replaced the 127 with my pihole. I added my interface as per pihole's admin page. Do I need to do anything with the 95.216.149.205 entries?
From my pc it appears to be working properly. I'll test on the switch momentarily.
 

Localhorst86

You don't need to replace 127.0.0.1, that is already localhost and leads to nowhere (i.e. already blocked).

If you selfhost the connection test, you need to change those two lines to point to your Webserver.
 

TheGlow

Ok, wasn't 100% sure if needed 127.0.0.1 or not, but similar result. I don't run my own webserver, so I guess I can leave those. Those are just for the initial wifi check I assume?
I guess at some point I'll look into hosting a web server option. Is it looking for anything in particular or would something like pointing to my Plex work since it somewhat is running a browser service?
 

Localhorst86

The two lines not pointing to 127.0.0.1 are for the WiFi check, yes. They do point to outside sources so connections to those will still need to leave your local network.

If you do want to contain this traffic locally as well, you'll need to set up a local server that responds to http queries with the proper response (i.e. pointing it to any old webservice doesn't work).

If you look at the "nintendowifi" file in the nginx folder of the 90 dns repo, you can see the response it expects.
 

TheGlow

Thanks. Any suggestions on the bare minimum I should need for web service? I'm in between messing around with labbing and have esxi up so far just a win2k16 network share and pihole. Eventually need to move torrents and plex off my main pc to a vm. So web server wouldn't be a bad idea. I think I can do something like iis on the win2k for now? I have an ubuntu vm initially planned for plex that I haven't touched yet.
 

TheGlow

Any Webserver should do, as long as you can determine the response it gives to requests on port 80.

Setting up a win 2k16 server seems overkill to me but if that's what you know, that should do the trick.
Yea, overkill in general but I have an ntfs 8tb drive that I wanted to keep as is in the event the labbing doesn't work out, etc, so I can put back into my win10 machine. So in that respect I set up a win2k16 vm just to share this drive. So I installed iis and can connect to it in browser but seems it fails the check, and opens the default webpage on the Switch. So I guess I need some other kind of default page offered up I guess.
I saved the html that http://95.216.149.205/ offers initially and set that as my default. It loads on my pc but Switch fails the check and then launches that page, so I guess there's some more dependencies.
Ok, I see the portion about this setup. I'll get on that next.
Edit: Got it. Looks like there wasn't an iis option. Removed iis, installed apache and had it running within 15 minutes. Many thanks for getting me on the right path.
 

AveSatanas

OP
Hello Ave, I see the gitlab moved, but I'm not seeing this host there. I tried the dnsmasq mentioned earlier for pihole but it seems to break all my dns and service fails.
Regular hosts file approach didn't work, so I deleted it shortly after putting it up.

dnsmasq is the proper option. Do edit out the "interface" line though, otherwise it won't work.
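
Added example, not part of any post in this thread and not code from the 90DNS repo: a shell sketch of the checks the thread arrives at before dropping a rule file into /etc/dnsmasq.d (reject a saved HTML page, remove the "interface" line, rewrite only the 95.216.149.205 targets, and refuse the multi-address output `hostname -I` can produce). The function names, the sample rules and the 192.0.2.10 address are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the 90DNS repo); function names are hypothetical.

# Succeeds only if FILE looks like dnsmasq rules rather than a saved web page.
looks_like_dnsmasq_conf() {
    [ -s "$1" ] || return 1
    # "Save as" on the GitLab page view yields HTML instead of the raw file.
    if grep -qiE '<!doctype|<html|<body' "$1"; then return 1; fi
    grep -qE '^address=/' "$1"
}

# prepare_conf SRC DST OLD_IP NEW_IP
# Writes DST from SRC with interface= lines removed and address= targets
# equal to OLD_IP rewritten to NEW_IP. SRC is never modified.
prepare_conf() {
    src=$1; dst=$2; old_ip=$3; new_ip=$4
    looks_like_dnsmasq_conf "$src" || { echo "not a dnsmasq file: $src" >&2; return 1; }
    # Accept one token of digits and dots only. `hostname -I` can print
    # several space-separated addresses, which would corrupt every rule.
    case $new_ip in
        ''|*[!0-9.]*) echo "need a single IPv4 address" >&2; return 1 ;;
    esac
    old_re=$(printf '%s' "$old_ip" | sed 's/\./\\./g')   # escape dots for sed
    sed -e '/^[[:space:]]*interface=/d' \
        -e "s|^\(address=/.*/\)${old_re}\$|\1${new_ip}|" "$src" > "$dst"
}

# Constructed sample input, not the real 90DNS rule set.
write_sample() {
    cat > "$1" <<'EOF'
interface=eth0
address=/nintendo.net/127.0.0.1
address=/ctest.cdn.nintendo.net/95.216.149.205
EOF
}

demo() {
    tmp=$(mktemp -d) || return 1
    write_sample "$tmp/in.conf"
    # 192.0.2.10 is a documentation address standing in for a local web server.
    prepare_conf "$tmp/in.conf" "$tmp/out.conf" 95.216.149.205 192.0.2.10 && cat "$tmp/out.conf"
    rm -rf "$tmp"
}
demo
```

Because the output goes to a separate file, a rejected download or a bad address never touches the rule set the resolver is already using.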
 
