Homebrew RELEASE 90DNS: DNS server for blocking all Nintendo Servers

AveSatanas

Well-Known Member
OP
Member
Joined
Aug 7, 2018
Messages
155
Trophies
0
XP
909
Country
Chad
Hey all!

90DNS is a DNS and HTTP setup running together to block all Nintendo traffic while 1) passing connection test without connecting to Nintendo servers 2) allowing anything that isn't Nintendo (so you can still enjoy homebrew).

People tried a number of games that are not using Nintendo servers for online play (fortnite, paladins, hulu) and reported that they do not work.

YouTube doesn't work unless you launch it once before using 90DNS, but I heard that there's a file that's going around that you can install that bypasses the online checks. Dig for that if you're interested.

We (as LavaTech) actually did this half a month ago and released it on reddit, but it seems like people all around the scene were interested in it so I guess it's time to release it here too.

Here's the GitLab repo, it has the code, configs and the self-host guide (it's a bit too confusing and complicated to put here).

WORKS ON ALL FIRMWARES BUT AS ALWAYS, USE AT YOUR OWN RISK.

You might get system updates, that's normal, and doesn't mean that bannable data is sent to Nintendo.

Setup Instructions

Optional: If you really want to be sure that 90DNS will protect you, then you can test for DNS hijacks (done sometimes by ISPs) by running the 90DNS tester. Just install the latest version of Python (works on both 2 and 3), install dnspython ("pip install dnspython"), get the script, run it on command line. If you get "It should be safe to use 90DNS on this network.", then it should be all good. If you don't get that, follow the self-host guide.
  • Go to System Settings
  • Go to Internet tab
  • Open Internet Settings
  • If you already have a wifi network: Tap on your wifi network, pick Change Settings
  • If you don't have a wifi network added, open Manual Setup and set up your network name, SSID and Security
  • Set DNS Settings to Manual
  • If you live in North or South America: Set primary DNS to "207.246.121.77", and secondary DNS to "163.172.141.219".
  • If you live anywhere else: Set primary DNS to "163.172.141.219", and secondary DNS to "207.246.121.77".
  • Save and then connect to your wifi
Success, all Nintendo servers should now be blocked on your Switch.

Regarding claims of not blocking updates

I can't reproduce this issue after EXTENSIVE testing. If you have this issue then please run tester, and if it does succeed, DM me. If not, call your ISP and blame them.

Disclaimer

Obviously, use this at your own risk. While I used it without getting banned and so did many others, Nintendo is unpredictable so I can't guarantee that this will prevent a ban.

Going online without 90DNS or a similar solution may result in a ban as it'll send telemetry to Nintendo, so I don't recommend doing that. If you really want to go online, just restore to a NAND backup taken before your bannable actions.
 
Last edited by AveSatanas, , Reason: Add USA

AveSatanas

Well-Known Member
OP
Member
Joined
Aug 7, 2018
Messages
155
Trophies
0
XP
909
Country
Chad
How long it works? Always ?
Not sure what you mean by this.

Here's some attempts at answering what you probably meant:

Q: Am I supposed to keep it on all the time?
A: Yes, you do keep it on all the time. Turning it off will send telemetry data to N, and you'll probably be banned.

Q: How long will you keep the server on? Always?
A: I do plan to keep the official DNS servers up for at least one more year, but if people are still using it then, I'll keep it up for more.

Q: Will it work on all software updates?
A: Yeah, it should work on 1.0.0-5.1.0. Might even work on 3DS or Wii U, though I only tested it on Switch (please let me know if it works on them). I can't comment on future software updates, that's up to Nintendo.

If your question isn't any of those, please feel free to ask again with a more clear wording.
 

_gianno

Well-Known Member
Newcomer
Joined
Jun 28, 2018
Messages
82
Trophies
0
Age
25
XP
524
Country
Italy
Finally i've found a DNS which automatically reconnect my switch to Internet connection when I wake it up after rest mode.
Every other DNS brings me to re configure connection after every rest mode.
 
  • Like
Reactions: AveSatanas

AveSatanas

Well-Known Member
OP
Member
Joined
Aug 7, 2018
Messages
155
Trophies
0
XP
909
Country
Chad
Will this work with games such as Paladins that don't use Nintendo servers?
No clue, if you test it, please report back with your results.

Someone tested Fortnite and it didn't work for them, btw.

Neat, I guess this does the same thing as the stealth in SX OS 1.6, only that it works outside of CFW, which makes it a lot more useful.
90DNS came out earlier than SXOS 1.6 too, and by that ~17 days. Inb4 TX got the idea or the blocklist from 90DNS.
 

The0919

Well-Known Member
Member
Joined
Oct 29, 2017
Messages
116
Trophies
0
Age
18
Location
Behind you
XP
601
Country
United States
No clue, if you test it, please report back with your results.

Someone tested Fortnite and it didn't work for them, btw.


90DNS came out earlier than SXOS 1.6 too, and by that ~17 days. Inb4 TX got the idea or the blocklist from 90DNS.
Just tried it, Paladins and Hulu do not work
 

elm

Well-Known Member
Member
Joined
Jun 20, 2007
Messages
601
Trophies
0
XP
1,389
Country
United States
So this will connect you to the internet but not to Nintendo Servers. Just to make sure, this won't connect to Nintendo's eShop to get updates for games?

And whomever is hosting the servers plan to keep it going for at least a year?

Thanks
 
Last edited by elm,
  • Like
Reactions: Darth Meteos

AveSatanas

Well-Known Member
OP
Member
Joined
Aug 7, 2018
Messages
155
Trophies
0
XP
909
Country
Chad
Just tried it, Paladins and Hulu do not work
Thanks for testing them out, will update the post.

So this will connect you to the internet but not to Nintendo Servers. Just to make sure, this won't connect to Nintendo's eShop to get updates for games?

And whomever is hosting the servers plan to keep it going for at least a year?

Thanks
Yes, it'll connect to internet but not to Nintendo servers. You won't be able to get game updates through eShop, no.

I'm hosting one of the servers and @Adran_Marit is hosting the other. I already host a bunch of other stuff and some of them have already been up for years so I don't think that it's worth worrying about.

Why is it called 90DNS, anyway?
Because "Ninety" looks like "Ninty". It was going to be NintyDNS (or nindns) at first but I changed my mind later as I wanted to do some dumb word play.
 
Joined
Mar 17, 2010
Messages
21,254
Trophies
3
Location
Space
XP
10,062
Country
Norway
Thanks for testing them out, will update the post.


Yes, it'll connect to internet but not to Nintendo servers. You won't be able to get game updates through eShop, no.

I'm hosting one of the servers and @Adran_Marit is hosting the other. I already host a bunch of other stuff and some of them have already been up for years so I don't think that it's worth worrying about.


Because "Ninety" looks like "Ninty". It was going to be NintyDNS (or nindns) at first but I changed my mind later as I wanted to do some dumb word play.
I thought it was called 90DNS because it blocked 90 addresses :P
 
  • Like
Reactions: BlastedGuy9905

Mobutu16

Active Member
Newcomer
Joined
Jun 17, 2018
Messages
37
Trophies
0
Age
110
XP
215
Country
Nigeria
Are 90DNS blocking these? @AveSatanas

//Services
aauth-*.ndas.srv.nintendo.net; //App Authentication; Generates the App Key (Needed to Play Online)
dauth-*.ndas.srv.nintendo.net; //Device Authentication; Generates the Device Key (Needed to Play Online)
api-*.*.srv.nintendo.net; //Get App Data
app-*.*.npns.srv.nintendo.net; //Get App Data
broker.*.npns.srv.nintendo.net;
consumer.*.npns.srv.nintendo.net;
web-*.share.srv.nintendo.net; //Social Network Share
assets-*.share.srv.nintendo.net; //Social Network Share
receive-*.*.srv.nintendo.net; //Log Server

//Connection Test
//ctest.cdn.nintendo.net; //Need Unblocked to Let Connection to Internet
ctest-*-*.cdn.nintendo.net;
nasc.nintendowifi.net

//Game Checks CERT, Gold, etc...
beach.hac.*.eshop.nintendo.net; //Checks the Game CERT, RetrieveGold Feature, Link Device and VirtualAccount?

//Updates
sun.hac.*.d4c.nintendo.net; //Check for System Updates
//aqua.hac.*.d4c.nintendo.net; //Check for Updates and Check Required System Update; Needed to GameUpdates
//superfly.hac.*.d4c.nintendo.net; //Check for Updates and Get TitleInfo; Needed to GameUpdates
//atum.hac.*.d4c.nintendo.net; //CDN-Download for Games/Updates; Needed to GameUpdates

atumn.hac.*.d4c.nintendo.net; //CDN-Download for System Apps
tagaya.hac.*.eshop.nintendo.net; //VersionList for Games
pearljam.hac.*.eshop.nintendo.net; //Sugar and Civil?

//Account
accounts.nintendo.com; //Access to Account and eShop
api.accounts.nintendo.com; //Account Metadata (Needed to Play Online)
*.baas.nintendo.com; //Account Metadata, Blocked Friends, View and Add Friends (Needed to Play Online)

//eShop
bugyo.hac.*.eshop.nintendo.net; //Access to eShop
ecs-*.hac.shop.nintendo.net; //Access to eShop and GetTickets/AccountStatus
pushmo.hac.*.eshop.nintendo.net; //Download Games/App from eShop
ias-*.hac.shop.nintendo.net; //Reg-Challenge-Unreg-RegInfo-TicketSync-AccountTransfer-SyncReg

//News and Content
bcat-topics-*.cdn.nintendo.net; //News&Content Topics
bcat-list-*.cdn.nintendo.net; //News&Content List
service-status-*.cdn.nintendo.net;
g*-*.s.n.srv.nintendo.net;
 

AveSatanas

Well-Known Member
OP
Member
Joined
Aug 7, 2018
Messages
155
Trophies
0
XP
909
Country
Chad
Are 90DNS blocking these? @AveSatanas

//Services
aauth-*.ndas.srv.nintendo.net; //App Authentication; Generates the App Key (Needed to Play Online)
dauth-*.ndas.srv.nintendo.net; //Device Authentication; Generates the Device Key (Needed to Play Online)
api-*.*.srv.nintendo.net; //Get App Data
app-*.*.npns.srv.nintendo.net; //Get App Data
broker.*.npns.srv.nintendo.net;
consumer.*.npns.srv.nintendo.net;
web-*.share.srv.nintendo.net; //Social Network Share
assets-*.share.srv.nintendo.net; //Social Network Share
receive-*.*.srv.nintendo.net; //Log Server

//Connection Test
//ctest.cdn.nintendo.net; //Need Unblocked to Let Connection to Internet
ctest-*-*.cdn.nintendo.net;
nasc.nintendowifi.net

//Game Checks CERT, Gold, etc...
beach.hac.*.eshop.nintendo.net; //Checks the Game CERT, RetrieveGold Feature, Link Device and VirtualAccount?

//Updates
sun.hac.*.d4c.nintendo.net; //Check for System Updates
//aqua.hac.*.d4c.nintendo.net; //Check for Updates and Check Required System Update; Needed to GameUpdates
//superfly.hac.*.d4c.nintendo.net; //Check for Updates and Get TitleInfo; Needed to GameUpdates
//atum.hac.*.d4c.nintendo.net; //CDN-Download for Games/Updates; Needed to GameUpdates

atumn.hac.*.d4c.nintendo.net; //CDN-Download for System Apps
tagaya.hac.*.eshop.nintendo.net; //VersionList for Games
pearljam.hac.*.eshop.nintendo.net; //Sugar and Civil?

//Account
accounts.nintendo.com; //Access to Account and eShop
api.accounts.nintendo.com; //Account Metadata (Needed to Play Online)
*.baas.nintendo.com; //Account Metadata, Blocked Friends, View and Add Friends (Needed to Play Online)

//eShop
bugyo.hac.*.eshop.nintendo.net; //Access to eShop
ecs-*.hac.shop.nintendo.net; //Access to eShop and GetTickets/AccountStatus
pushmo.hac.*.eshop.nintendo.net; //Download Games/App from eShop
ias-*.hac.shop.nintendo.net; //Reg-Challenge-Unreg-RegInfo-TicketSync-AccountTransfer-SyncReg

//News and Content
bcat-topics-*.cdn.nintendo.net; //News&Content Topics
bcat-list-*.cdn.nintendo.net; //News&Content List
service-status-*.cdn.nintendo.net;
g*-*.s.n.srv.nintendo.net;

I'm blocking everything on nintendo.net, nintendo.com and dozens of other Nintendo domains. Those include these. I'm also hosting a fake ctest and conntest so that you can connect to internet (and stay connected after wake) without contacting Nintendo.
 
Last edited by AveSatanas,

Adran_Marit

Walküre's Hacker
Member
Joined
Oct 3, 2015
Messages
3,117
Trophies
1
Location
42*South
XP
3,075
Country
Australia
So this will connect you to the internet but not to Nintendo Servers. Just to make sure, this won't connect to Nintendo's eShop to get updates for games?

And whomever is hosting the servers plan to keep it going for at least a year?

Thanks


Thanks for testing them out, will update the post.


Yes, it'll connect to internet but not to Nintendo servers. You won't be able to get game updates through eShop, no.

I'm hosting one of the servers and @Adran_Marit is hosting the other. I already host a bunch of other stuff and some of them have already been up for years so I don't think that it's worth worrying about.


Because "Ninety" looks like "Ninty". It was going to be NintyDNS (or nindns) at first but I changed my mind later as I wanted to do some dumb word play.

I'll be hosting the one on my end for as long as humanly possible
 

crissal

Well-Known Member
Member
Joined
Dec 3, 2017
Messages
137
Trophies
0
XP
562
Country
Italy
Thank you very much! Gonna try it
EDIT: Nope @AveSatanas , is giving me error 2110-3127 (first step of connection is fine, second gives me this error): cannot resolve DNS names.
I tried both with 163.172.141.219 primary and 45.248.48.62 secondary and with 163.172.141.219 for primary and secondary.
 
Last edited by crissal,
General chit-chat
Help Users
  • No one is chatting at the moment.
    Psionic Roshambo @ Psionic Roshambo: https://imgur.com/gallery/THrBdLQ