Homebrew RELEASE 90DNS: DNS server for blocking all Nintendo Servers

CatmanFan

Anxious and regretful
Member
Joined
Aug 14, 2016
Messages
1,954
Trophies
0
Website
www.youtube.com
XP
1,855
Country
Morocco
"If you really want to go online, just restore to a NAND backup taken before your bannable actions."

But isn't the ban on the server-side? Or does it have to do with the console?
 

Draxzelex

Well-Known Member
Member
Joined
Aug 6, 2017
Messages
18,687
Trophies
2
Age
28
Location
New York City
XP
12,644
Country
United States
"If you really want to go online, just restore to a NAND backup taken before your bannable actions."

But isn't the ban on the server-side? Or does it have to do with the console?
Bans are applied to the Switch's unique certificate. The wording here is that while 90DNS blocks a lot of Nintendo-related traffic, if Nintendo adds a new URL that is not blocked, it may flag a user for a ban. And this is something none of us can predict hence why its safer to go online with a clean NAND as opposed to using a DNS server. But 90DNS blocks anything with Nintendo's name on its so its still pretty safe.
 
  • Like
Reactions: CatmanFan

sj33

Well-Known Member
Member
Joined
Oct 22, 2013
Messages
4,064
Trophies
1
XP
4,662
Country
Japan
I think the idea is to restore a 'safe' NAND before going online. You can't unban the console by flashing a fresh NAND.

It's hypothetical anyway, nobody should be flashing their NAND so often.
 
  • Like
Reactions: CatmanFan

AveSatanas

Well-Known Member
OP
Member
Joined
Aug 7, 2018
Messages
155
Trophies
0
XP
935
Country
Chad
The fact is that if you continue to use exFAT, it will happen again.

XCI files can be split, 4GB+ NSP files can be installed using network install. Games always split into 4GB chunks when installed.
Restoring from hekate backups is not possible on fat32 tho.

I have a question
How does switch communicate with nintendo's server?
Domain name or IP address?

Domain name. If it was IP based this wouldn't work.
 

shchmue

Developer
Developer
Joined
Dec 23, 2013
Messages
790
Trophies
0
XP
2,321
Country
United States
finally set this up, a godsend for debugging a crash-prone program. I thought I'd spend my whole life ejecting and connecting SD cards
 

VIERcntHOLZ

yep, theres missing an "u".
Member
Joined
Mar 26, 2016
Messages
187
Trophies
0
XP
335
Country
Germany
Suup,

Got myself a fresh Switch, installed AutoRCM and ReiNX right after the purchase and went from 4.0.1 to 5.1.0 without burning Fuses using Choi.
Never been online with this console, what so ever (havent even inserted my WiFi credentials).

Just to clarify, if I use your DNS Settings (on 5.1.0) I'll mainly be safe to connect to WiFi and use it solely for the FTP Purpose (cause thats what I'd like to use) without getting banned?
(I'm aware, that I might not be safe on future Firmwares/6.0.0, but after a Firmware update I need to re-enter the WiFi Credentials again, anyway, before it connects to the Wifi, right?)
 

VIERcntHOLZ

yep, theres missing an "u".
Member
Joined
Mar 26, 2016
Messages
187
Trophies
0
XP
335
Country
Germany
Yea thats what I was asking about.

The only thing that I want to have is FTP connection to my Switch so I don't need to fiddle with the SD Card.
I'm not interested in any other usage of WiFi, so that would keep the Banrisk low, right?
 

YeetedOn

Active Member
Newcomer
Joined
Aug 31, 2018
Messages
32
Trophies
0
Age
31
XP
123
Country
United Kingdom
Very wierd. I've run the hijack DNS test thingy and it says it's safe. I proceed to connect to wifi on my console with the provided DNS and it won't connect.
Gives me this error - Could not perform DNS name resolution with the error code of 2110-3127. Any help?
 

aLR4RPio

New Member
Newbie
Joined
Jun 24, 2018
Messages
2
Trophies
0
Age
33
XP
68
Country
United States
For everyone using OpenWrt as router, this should configure the built-in dnsmasq similar to what you provide. Unfortunately, the forum will not let me post the code since I am a new user and it obviously contains URLs. You can grab it from here: pastebin. com/wmjbz6Gk (Just remove the space before com)

You can check for success for example with the Nslookup Diagnostics tool in LUCI. The list-option address is undocumented for UCI and not accessible in LUCI. I have also changed the IP address to 0.0.0.0 as it represents an address that will never be routed. Any opinions on that?

Edit: Just made a Gitlab account and filed a merge request.
 
Last edited by aLR4RPio,

AveSatanas

Well-Known Member
OP
Member
Joined
Aug 7, 2018
Messages
155
Trophies
0
XP
935
Country
Chad
For everyone using OpenWrt as router, this should configure the built-in dnsmasq similar to what you provide. Unfortunately, the forum will not let me post the code since I am a new user and it obviously contains URLs. You can grab it from here: pastebin. com/wmjbz6Gk (Just remove the space before com)

You can check for success for example with the Nslookup Diagnostics tool in LUCI. The list-option address is undocumented for UCI and not accessible in LUCI. I have also changed the IP address to 0.0.0.0 as it represents an address that will never be routed. Any opinions on that?

Edit: Just made a Gitlab account and filed a merge request.
0.0.0.0 is a bad idea as Horizon might be just falling back to secondary / network DNS on incorrect DNS entries (incorrect like 0.0.0.0 or 300.300.300.300 etc). I didn't do the RE for this so it's just a speculation, but I use 127.0.0.1 just to be safe.
 

aLR4RPio

New Member
Newbie
Joined
Jun 24, 2018
Messages
2
Trophies
0
Age
33
XP
68
Country
United States
I understand your concern. I have just tested again, entering the eshop, I get Error 2811-1007. If you are unhappy with 0.0.0.0 I can change the pull request.

But as for RFC1122, 0.0.0.0 represents a valid address to which data is never to be sent over network: "MUST NOT be sent, except as a source address as part of an initialization procedure by which the host learns its own IP address." Addresses like 300.300.300.300 are impossible since they are not representable in the 8 Bit IP quartet.

A destination that is unreachable is still way better than contacting Nintendo...
 
General chit-chat
Help Users
  • No one is chatting at the moment.
    Skelletonike @ Skelletonike: No idea what that is tbh, is that like the iso or something?