RELEASE 90DNS: DNS server for blocking all Nintendo Servers

Discussion in 'Switch - Emulation, Homebrew & Software Projects' started by AveSatanas, Aug 27, 2018.

  1. AveSatanas
    OP

    AveSatanas GBAtemp Regular

    Member
    3
    Aug 7, 2018
    United States
    Hey all!

    90DNS is a DNS and HTTP setup running together to block all Nintendo traffic while 1) passing connection test without connecting to Nintendo servers 2) allowing anything that isn't Nintendo (so you can still enjoy homebrew).

    People tried a number of games that are not using Nintendo servers for online play (fortnite, paladins, hulu) and reported that they do not work.

    YouTube doesn't work unless you launch it once before using 90DNS, but I heard that there's a file that's going around that you can install that bypasses the online checks. Dig for that if you're interested.

    We (as LavaTech) actually did this half a month ago and released it on reddit, but it seems like people all around the scene were interested in it so I guess it's time to release it here too.

    Here's the GitLab repo, it has the code, configs and the self-host guide (it's a bit too confusing and complicated to put here).

    WORKS ON 6.0.0/6.0.1/6.1.0 BUT AS ALWAYS, USE AT YOUR OWN RISK.

    Setup Instructions

    Optional: If you really want to be sure that 90DNS will protect you, then you can test for DNS hijacks (done sometimes by ISPs) by running the 90DNS tester. Just install the latest version of Python (works on both 2 and 3), install dnspython ("pip install dnspython"), get the script, run it on command line. If you get "It should be safe to use 90DNS on this network.", then it should be all good. If you don't get that, follow the self-host guide.
    • Go to System Settings
    • Go to Internet tab
    • Open Internet Settings
    • If you already have a wifi network: Tap on your wifi network, pick Change Settings
    • If you don't have a wifi network added, open Manual Setup and set up your network name, SSID and Security
    • Set DNS Settings to Manual, and set primary DNS to "163.172.141.219" and secondary DNS to "45.248.48.62"
    • Save and then connect to wifi
    Success, all Nintendo servers should now be blocked on your Switch.

    Disclaimer

    Obviously, use this at your own risk. While I used it without getting banned and so did many others, Nintendo is unpredictable so I can't guarantee that this will prevent a ban.

    Going online without 90DNS or a similar solution may result in a ban as it'll send telemetry to Nintendo, so I don't recommend doing that. If you really want to go online, just restore to a NAND backup taken before your bannable actions.
     
    Last edited by AveSatanas, Nov 11, 2018
    Ev1l0rd, Essometer, NSStack and 41 others like this.
  2. Darth Meteos

    Darth Meteos Entertainer

    Member
    10
    GBAtemp Patron
    Darth Meteos is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Jan 6, 2015
    Australia
    Down Under
    Wow, this is actually pretty cool, I like it.
     
  3. Draxzelex

    Draxzelex GBAtemp Guru

    Member
    16
    Aug 6, 2017
    United States
    New York City
    Move over ReSwitched and Switchbru DNS servers, this one takes the cake.
     
    SaffronXL, Adran_Marit and AveSatanas like this.
  4. Adran_Marit

    Adran_Marit Walküre's Hacker

    Member
    4
    Oct 3, 2015
    Australia
    42*South
    Wooo gbatemp release :) Good work @ave :)
     
    AveSatanas likes this.
  5. Chudy-VR5

    Chudy-VR5 Member

    Newcomer
    1
    Aug 12, 2018
    Poland
    How long it works? Always ?
     
  6. AveSatanas
    OP

    AveSatanas GBAtemp Regular

    Member
    3
    Aug 7, 2018
    United States
    Not sure what you mean by this.

    Here's some attempts at answering what you probably meant:

    Q: Am I supposed to keep it on all the time?
    A: Yes, you do keep it on all the time. Turning it off will send telemetry data to N, and you'll probably be banned.

    Q: How long will you keep the server on? Always?
    A: I do plan to keep the official DNS servers up for at least one more year, but if people are still using it then, I'll keep it up for more.

    Q: Will it work on all software updates?
    A: Yeah, it should work on 1.0.0-5.1.0. Might even work on 3DS or Wii U, though I only tested it on Switch (please let me know if it works on them). I can't comment on future software updates, that's up to Nintendo.

    If your question isn't any of those, please feel free to ask again with a more clear wording.
     
  7. _gianno

    _gianno Member

    Newcomer
    1
    Jun 28, 2018
    Italy
    Finally i've found a DNS which automatically reconnect my switch to Internet connection when I wake it up after rest mode.
    Every other DNS brings me to re configure connection after every rest mode.
     
    AveSatanas likes this.
  8. vizzerx

    vizzerx Newbie

    Newcomer
    1
    Jun 1, 2018
    Thailand
    Work perfectly!
     
  9. The0919

    The0919 GBAtemp Regular

    Member
    3
    Oct 29, 2017
    United States
    Behind you
    Will this work with games such as Paladins that don't use Nintendo servers?
     
  10. The Real Jdbye

    The Real Jdbye Always Remember 30/07/08

    Member
    17
    GBAtemp Patron
    The Real Jdbye is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Mar 17, 2010
    Norway
    Alola
    Neat, I guess this does the same thing as the stealth in SX OS 1.6, only that it works outside of CFW, which makes it a lot more useful.
     
    justmiiplaynwii likes this.
  11. AveSatanas
    OP

    AveSatanas GBAtemp Regular

    Member
    3
    Aug 7, 2018
    United States
    No clue, if you test it, please report back with your results.

    Someone tested Fortnite and it didn't work for them, btw.

    90DNS came out earlier than SXOS 1.6 too, and by that ~17 days. Inb4 TX got the idea or the blocklist from 90DNS.
     
    Tekniquez, Draxzelex and Darth Meteos like this.
  12. The0919

    The0919 GBAtemp Regular

    Member
    3
    Oct 29, 2017
    United States
    Behind you
    Just tried it, Paladins and Hulu do not work
     
  13. elm

    elm GBAtemp Fan

    Member
    4
    Jun 20, 2007
    United States
    So this will connect you to the internet but not to Nintendo Servers. Just to make sure, this won't connect to Nintendo's eShop to get updates for games?

    And whomever is hosting the servers plan to keep it going for at least a year?

    Thanks
     
    Last edited by elm, Aug 27, 2018
    Darth Meteos likes this.
  14. Darth Meteos

    Darth Meteos Entertainer

    Member
    10
    GBAtemp Patron
    Darth Meteos is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Jan 6, 2015
    Australia
    Down Under
    Why is it called 90DNS, anyway?
     
    Quantumcat likes this.
  15. AveSatanas
    OP

    AveSatanas GBAtemp Regular

    Member
    3
    Aug 7, 2018
    United States
    Thanks for testing them out, will update the post.

    Yes, it'll connect to internet but not to Nintendo servers. You won't be able to get game updates through eShop, no.

    I'm hosting one of the servers and @Adran_Marit is hosting the other. I already host a bunch of other stuff and some of them have already been up for years so I don't think that it's worth worrying about.

    Because "Ninety" looks like "Ninty". It was going to be NintyDNS (or nindns) at first but I changed my mind later as I wanted to do some dumb word play.
     
    DDlux7, Khim09, Draxzelex and 3 others like this.
  16. The Real Jdbye

    The Real Jdbye Always Remember 30/07/08

    Member
    17
    GBAtemp Patron
    The Real Jdbye is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Mar 17, 2010
    Norway
    Alola
    I thought it was called 90DNS because it blocked 90 addresses :P
     
    BlastedGuy9905 likes this.
  17. Mobutu16

    Mobutu16 Member

    Newcomer
    2
    Jun 17, 2018
    Nigeria
    Are 90DNS blocking these? @AveSatanas

    //Services
    aauth-*.ndas.srv.nintendo.net; //App Authentication; Generates the App Key (Needed to Play Online)
    dauth-*.ndas.srv.nintendo.net; //Device Authentication; Generates the Device Key (Needed to Play Online)
    api-*.*.srv.nintendo.net; //Get App Data
    app-*.*.npns.srv.nintendo.net; //Get App Data
    broker.*.npns.srv.nintendo.net;
    consumer.*.npns.srv.nintendo.net;
    web-*.share.srv.nintendo.net; //Social Network Share
    assets-*.share.srv.nintendo.net; //Social Network Share
    receive-*.*.srv.nintendo.net; //Log Server

    //Connection Test
    //ctest.cdn.nintendo.net; //Need Unblocked to Let Connection to Internet
    ctest-*-*.cdn.nintendo.net;
    nasc.nintendowifi.net

    //Game Checks CERT, Gold, etc...
    beach.hac.*.eshop.nintendo.net; //Checks the Game CERT, RetrieveGold Feature, Link Device and VirtualAccount?

    //Updates
    sun.hac.*.d4c.nintendo.net; //Check for System Updates
    //aqua.hac.*.d4c.nintendo.net; //Check for Updates and Check Required System Update; Needed to GameUpdates
    //superfly.hac.*.d4c.nintendo.net; //Check for Updates and Get TitleInfo; Needed to GameUpdates
    //atum.hac.*.d4c.nintendo.net; //CDN-Download for Games/Updates; Needed to GameUpdates

    atumn.hac.*.d4c.nintendo.net; //CDN-Download for System Apps
    tagaya.hac.*.eshop.nintendo.net; //VersionList for Games
    pearljam.hac.*.eshop.nintendo.net; //Sugar and Civil?

    //Account
    accounts.nintendo.com; //Access to Account and eShop
    api.accounts.nintendo.com; //Account Metadata (Needed to Play Online)
    *.baas.nintendo.com; //Account Metadata, Blocked Friends, View and Add Friends (Needed to Play Online)

    //eShop
    bugyo.hac.*.eshop.nintendo.net; //Access to eShop
    ecs-*.hac.shop.nintendo.net; //Access to eShop and GetTickets/AccountStatus
    pushmo.hac.*.eshop.nintendo.net; //Download Games/App from eShop
    ias-*.hac.shop.nintendo.net; //Reg-Challenge-Unreg-RegInfo-TicketSync-AccountTransfer-SyncReg

    //News and Content
    bcat-topics-*.cdn.nintendo.net; //News&Content Topics
    bcat-list-*.cdn.nintendo.net; //News&Content List
    service-status-*.cdn.nintendo.net;
    g*-*.s.n.srv.nintendo.net;
     
  18. Mobutu16
    This message by Mobutu16 has been removed from public view by Chary, Aug 27, 2018, Reason: Duplicate post.
    Aug 27, 2018
  19. AveSatanas
    OP

    AveSatanas GBAtemp Regular

    Member
    3
    Aug 7, 2018
    United States
    I'm blocking everything on nintendo.net, nintendo.com and dozens of other Nintendo domains. Those include these. I'm also hosting a fake ctest and conntest so that you can connect to internet (and stay connected after wake) without contacting Nintendo.
     
    Last edited by AveSatanas, Aug 27, 2018
    CatmanFan, johnny2k4, Khim09 and 10 others like this.
  20. Freezerbomb

    Freezerbomb GBAtemp Regular

    Member
    2
    Aug 17, 2018
    Sweden
    Thank you! Now I can use FTP without feeling paranoid!
     
    CatmanFan, MushGuy, alrashdy2 and 2 others like this.
  21. Adran_Marit

    Adran_Marit Walküre's Hacker

    Member
    4
    Oct 3, 2015
    Australia
    42*South

    I'll be hosting the one on my end for as long as humanly possible
     
    DDlux7, AveSatanas and elm like this.
  22. justmiiplaynwii

    justmiiplaynwii Advanced Member

    Newcomer
    3
    Apr 22, 2018
    Germany
    Thank you very much! Now i can use the Homebrew App Store and FTP again!
     
    Last edited by justmiiplaynwii, Aug 28, 2018
    CatmanFan likes this.
  23. justmiiplaynwii
    This message by justmiiplaynwii has been removed from public view by Chary, Aug 28, 2018, Reason: Duplicate post.
    Aug 28, 2018
  24. crissal

    crissal Advanced Member

    Newcomer
    2
    Dec 3, 2017
    Italy
    Thank you very much! Gonna try it
    EDIT: Nope @AveSatanas , is giving me error 2110-3127 (first step of connection is fine, second gives me this error): cannot resolve DNS names.
    I tried both with 163.172.141.219 primary and 45.248.48.62 secondary and with 163.172.141.219 for primary and secondary.
     
    Last edited by crissal, Aug 29, 2018
    ViolentRockstar and Ivellios like this.
Loading...