Difference between revisions of "Network"

From Nintendo Switch Brew
Jump to navigation Jump to search
 
(10 intermediate revisions by 5 users not shown)
Line 6: Line 6:
 
== CDN ==
 
== CDN ==
 
The URLs for content delivery network servers on the Switch usually follow this format:
 
The URLs for content delivery network servers on the Switch usually follow this format:
  {server_name}.hac.{environment}.{serverset}.nintendo.net
+
  {server_name}.hac.{environment}.{serverset}.{host}
  
 
Where:
 
Where:
 
  {server_name}: One of the registered server names.
 
  {server_name}: One of the registered server names.
 
  {environment}: "dp1", "lp1", "sp1", "dd1", "jd1", "sd1", "td1" or "xd1".
 
  {environment}: "dp1", "lp1", "sp1", "dd1", "jd1", "sd1", "td1" or "xd1".
  {serverset}: "eshop" (online shop) or "d4c" (content delivery).
+
  {serverset}: "eshop" (online shop), "d4c" (content delivery) or "dragons" (online membership).
 +
{host}: "nintendo.net" (global cdn), "n.nintendoswitch.cn" (chinese cdn).
  
 
=== Servers ===
 
=== Servers ===
Line 18: Line 19:
 
* "[[#atum/atumn|atum.hac.%.d4c.nintendo.net]]"
 
* "[[#atum/atumn|atum.hac.%.d4c.nintendo.net]]"
 
* "[[#atum/atumn|atumn.hac.%.d4c.nintendo.net]]"
 
* "[[#atum/atumn|atumn.hac.%.d4c.nintendo.net]]"
 +
* "atumn-dummy.hac.%.d4c.nintendo.net"
 
* "[[#superfly|superfly.hac.%.d4c.nintendo.net]]"
 
* "[[#superfly|superfly.hac.%.d4c.nintendo.net]]"
 
* "bugyo.hac.%.eshop.nintendo.net"
 
* "bugyo.hac.%.eshop.nintendo.net"
Line 24: Line 26:
 
* "[[#tagaya|tagaya.hac.%.eshop.nintendo.net]]"
 
* "[[#tagaya|tagaya.hac.%.eshop.nintendo.net]]"
 
* [5.0.0+] "[[#pearljam|pearljam.hac.%.eshop.nintendo.net]]"
 
* [5.0.0+] "[[#pearljam|pearljam.hac.%.eshop.nintendo.net]]"
 +
* [6.0.0+] "dragons.hac.%.dragons.nintendo.net"
 +
* [6.0.0+] "dragonst.hac.%.dragons.nintendo.net"
 +
* [6.0.0+] "[[#tigers|tigers.hac.%.dragons.nintendo.net]]"
 +
* [14.0.0+] "[[#veer|veer.hac.%%.d4c.nintendo.net]]"
  
 
==== sun ====
 
==== sun ====
Line 55: Line 61:
 
CDN for system-titles.
 
CDN for system-titles.
  
While "atumn" seems to be for system-titles and "atum" for eShop titles, the latter titles are accessible fine with atumn (with "/t/" for NCA-type0 at least).
+
"atumn" is for system-titles and "atum" is for eShop titles.
  
 
'a' is used when an input u8 is not 0x3, otherwise 's' is used. A seperate function using the ".../c/" URL is hard-coded to use 'c'. This appears to match 's' usage attempts: the only URL that returned actual data with 's' was with titleID 0100000000000816.
 
'a' is used when an input u8 is not 0x3, otherwise 's' is used. A seperate function using the ".../c/" URL is hard-coded to use 'c'. This appears to match 's' usage attempts: the only URL that returned actual data with 's' was with titleID 0100000000000816.
Line 93: Line 99:
 
  [5.0.0+] "<nowiki>https://pearljam.hac.%.eshop.nintendo.net/sugar</nowiki>"
 
  [5.0.0+] "<nowiki>https://pearljam.hac.%.eshop.nintendo.net/sugar</nowiki>"
 
  [5.0.0+] "<nowiki>https://pearljam.hac.%.eshop.nintendo.net/civil</nowiki>"
 
  [5.0.0+] "<nowiki>https://pearljam.hac.%.eshop.nintendo.net/civil</nowiki>"
 +
 +
==== tigers ====
 +
Used for fetching common tickets for title updates.
 +
 +
==== veer ====
 +
URLs:
 +
"<nowiki>https://veer.hac.%%.d4c.nintendo.net/v3/policy.json?context=%s</nowiki>"
  
 
== Shop API ==
 
== Shop API ==
Line 102: Line 115:
  
 
==== ecs ====
 
==== ecs ====
 +
These URL strings were removed from nim with [15.0.0+].
 +
 
URLs:
 
URLs:
 
  "<nowiki>https://ecs-%.hac.shop.nintendo.net/ecs/services/rest/AccountGetETickets</nowiki>"
 
  "<nowiki>https://ecs-%.hac.shop.nintendo.net/ecs/services/rest/AccountGetETickets</nowiki>"
Line 107: Line 122:
  
 
==== ias ====
 
==== ias ====
 +
These URL strings were removed from nim with [15.0.0+].
 +
 
URLs:
 
URLs:
 
  "<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/Register</nowiki>"
 
  "<nowiki>https://ias-%.hac.shop.nintendo.net/ias/services/rest/Register</nowiki>"
Line 136: Line 153:
 
* "broker.%.npns.srv.nintendo.net"
 
* "broker.%.npns.srv.nintendo.net"
 
* "consumer.%.npns.srv.nintendo.net"
 
* "consumer.%.npns.srv.nintendo.net"
* "receive-%.dg.srv.nintendo.net"
+
* "[[BCAT_services#Data_reporting|receive-%.dg.srv.nintendo.net]]"
* "receive-%.er.srv.nintendo.net"
+
* "[[Error_Upload_services|receive-%.er.srv.nintendo.net]]"
 +
* "nncs1-%.n.n.srv.nintendo.net"
 +
* "nncs2-%.n.n.srv.nintendo.net"
 +
* "g<game_server_id>-%.s.n.srv.nintendo.net"
 +
* [4.0.0+] "[[#migration|migration.%.scsi.srv.nintendo.net]]"
 +
* [6.0.0+] "[[#storage|storage.%.scsi.srv.nintendo.net]]"
 +
* [9.0.0+] "[[#storage|storage.%.sata.srv.nintendo.net]]"
 +
* [9.0.0+] "[[#permission|permission.%.sata.srv.nintendo.net]]"
  
 
==== aauth ====
 
==== aauth ====
Line 172: Line 196:
  
 
<code><nowiki><?xml version="1.0"?><stream:stream to="app-a04.lp1.npns.srv.nintendo.net" xml:lang="en" version="1.0" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams"></nowiki></code>
 
<code><nowiki><?xml version="1.0"?><stream:stream to="app-a04.lp1.npns.srv.nintendo.net" xml:lang="en" version="1.0" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams"></nowiki></code>
 +
 +
==== migration ====
 +
[[Migration_services|Migration]] service storage.
 +
 +
==== storage ====
 +
[[OLSC_services|OLSC]] service (.scsi) and repair service (.sata) storage.
 +
 +
==== permission ====
 +
[[OLSC_services|OLSC]] repair service survey request.
 +
 +
  <nowiki>https://permission.%.sata.srv.nintendo.net/api/nx/v1/customer_operations</nowiki>
 +
  <nowiki>https://permission.%.sata.srv.nintendo.net/api/nx/v1/customer_operations?survey_request_id=%llu</nowiki>
 +
 
 +
  Request headers:
 +
  > User-Agent: libcurl (nnHttp; 789f928b-138e-4b2f-afeb-1acae821d897; SDK {x.x.x.x sdkver}; Add-on {x.x.x.x sdkver})
 +
  > Accept: */*
 +
  > X-Device-Token: {device-token from dauth for SATA}
 +
  > Content-Type: application/json
 +
 
 +
  Response (without survey_request_id): {"survey_requests":[]}
  
 
== Others ==
 
== Others ==
Line 179: Line 223:
 
Account metadata:
 
Account metadata:
 
* "e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com"
 
* "e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com"
 +
* "accounts.nintendo.com"
 
* "api.accounts.nintendo.com"
 
* "api.accounts.nintendo.com"
 +
* "c-%.accounts.nintendo.com"
 +
* "capi.%.op2.nintendo.net"
  
News and game content:
+
News, friends and game content:
 
* "bcat-topics-%.cdn.nintendo.net"
 
* "bcat-topics-%.cdn.nintendo.net"
 
* "bcat-list-%.cdn.nintendo.net"
 
* "bcat-list-%.cdn.nintendo.net"
* "service-status-%.cdn.nintendo.net"
+
* "bcat-data-%.cdn.nintendo.net"
* "g<game_server_id>-%.s.n.srv.nintendo.net"
+
* "bcat-web-%.cdn.nintendo.net"
 +
* "app.%.five.nintendo.net"
 +
* [6.0.0+] "scsi-policy-%.cdn.nintendo.net"
 +
 
 +
NSO webapplet [11.0.0+]:
 +
* "%.nso.nintendo.net"
 +
* "atum-img-%.cdn.nintendo.net"
  
 
Connection:
 
Connection:
Line 191: Line 244:
 
* "nasc.nintendowifi.net"
 
* "nasc.nintendowifi.net"
  
[[Error_applet]]:
+
Error and status:
* <nowiki>"https://Service-status-%.cdn.nintendo.net/service_status_hac.json"</nowiki>
+
* "[[#service-status|service-status-%.cdn.nintendo.net]]"
 +
* "problems.dragons.nintendo.net"
 +
* "moon.nintendo.com"
 +
 
 +
==== service-status ====
 +
[[Error_applet|Error applet]] status.
 +
 
 +
URLs:
 +
"<nowiki>https://service-status-%.cdn.nintendo.net/service_status_hac.json</nowiki>"
  
 
= User-Agent =
 
= User-Agent =

Latest revision as of 16:58, 20 November 2023

This page documents DNS domains and lists information relevant to the online services used by the Switch.

Domains

Only HTTPS is used with these domains unless noted otherwise.

CDN

The URLs for content delivery network servers on the Switch usually follow this format:

{server_name}.hac.{environment}.{serverset}.{host}

Where:

{server_name}: One of the registered server names.
{environment}: "dp1", "lp1", "sp1", "dd1", "jd1", "sd1", "td1" or "xd1".
{serverset}: "eshop" (online shop), "d4c" (content delivery) or "dragons" (online membership).
{host}: "nintendo.net" (global cdn), "n.nintendoswitch.cn" (chinese cdn).

Servers

sun

Used for checking whether a sysupdate is available. Equivalent to NetUpdateSOAP from past systems.

NIM sends a HTTP GET with the sun URL to get the title-listing of the latest system-titles, as .json. The deviceid in the URL is the same one in the above User-Agent section. HTTP header "Accept:application/json" is sent in the request.

The response is json with a "system_update_metas" block, containing "title_id" and "title_version" entries. The actual server response only contains 1 title.

Example, from 2.0 system:

{"timestamp":REDACTED-TIMESTSAMP,"system_update_metas":[{"title_id":"0100000000000816","title_version":201327002}]}

URLs:

"https://sun.hac.%%.d4c.nintendo.net/v1/system_update_meta?device_id=%016llx"

aqua

The following response is json from accessing the aqua URL:

{ "contents_delivery_required_title_id": "0100000000000816", "contents_delivery_required_title_version": 0 }

A while after 3.0.0 release, the above title-version was changed to the one for v3.0("Last-Modified: Thu, 29 Jun 2017 00:00:04 GMT").

URLs:

"https://aqua.hac.%%.d4c.nintendo.net/required_system_update_meta?device_id=%016llx"

atum/atumn

CDN for system-titles.

"atumn" is for system-titles and "atum" is for eShop titles.

'a' is used when an input u8 is not 0x3, otherwise 's' is used. A seperate function using the ".../c/" URL is hard-coded to use 'c'. This appears to match 's' usage attempts: the only URL that returned actual data with 's' was with titleID 0100000000000816.

As of June 30, 2017, accessing old content via the atumn "/c/" and "/t/" URLs works fine.

URLs:

"https://%s.hac.%%.d4c.nintendo.net/t/%c/%016llx/%u?device_id=%016llx"
Returns content like the below URL. First %s is atumn or atum. This is the content for NCA-type0. See below for %c. %016llx is titleID, %u is title-version.

"https://%s.hac.%%.d4c.nintendo.net/c/%c/%s"
Used for downloading content. First %s is atumn or atum. %c is one of: 'c', 'a', or 's'. %s is just the hex-string NcaId. The server also returns two HTTP headers: "X-Nintendo-Content-Hash: {entire lowercase hex-string of the content SHA256 hash}" and "X-Nintendo-Content-ID: {lowercase hex-string for NcaId}"

superfly

URLs:

"https://superfly.hac.%%.d4c.nintendo.net/v1/t/%016llx/dv"
%016llx is titleID, only for eShop titles it appears. Returns .json title-info.

"https://superfly.hac.%%.d4c.nintendo.net/v1/a/%016llx/dv"
%016llx is titleID, only for eShop titles it appears. Output is similar to above URL.

tagaya

VersionList for eShop titles.

URLs:

"https://tagaya.hac.%.eshop.nintendo.net/tagaya/hac_versionlist"

beach

URLs:

"https://beach.hac.%.eshop.nintendo.net/v1/rom_cards?application_id=%016llx&rom_card_cert=%s"
"https://beach.hac.%.eshop.nintendo.net/v1/rom_cards/register?application_id=%016llx&rom_card_cert=%s&expected_gold_point=%d"
"https://beach.hac.%.eshop.nintendo.net/v1/my/devices/hac/link?lang=en"
"https://beach.hac.%.eshop.nintendo.net/v1/my/virtual_account?lang=en"

pearljam

URLs:

[5.0.0+] "https://pearljam.hac.%.eshop.nintendo.net/sugar"
[5.0.0+] "https://pearljam.hac.%.eshop.nintendo.net/civil"

tigers

Used for fetching common tickets for title updates.

veer

URLs:

"https://veer.hac.%%.d4c.nintendo.net/v3/policy.json?context=%s"

Shop API

Domains for interacting with the online shop API.

Servers

ecs

These URL strings were removed from nim with [15.0.0+].

URLs:

"https://ecs-%.hac.shop.nintendo.net/ecs/services/rest/AccountGetETickets"
"https://ecs-%.hac.shop.nintendo.net/ecs/services/rest/GetAccountStatus"

ias

These URL strings were removed from nim with [15.0.0+].

URLs:

"https://ias-%.hac.shop.nintendo.net/ias/services/rest/Register"
"https://ias-%.hac.shop.nintendo.net/ias/services/rest/GetChallenge"
"https://ias-%.hac.shop.nintendo.net/ias/services/rest/Unregister"
"https://ias-%.hac.shop.nintendo.net/ias/services/rest/GetRegistrationInfo"
"https://ias-%.hac.shop.nintendo.net/ias/services/rest/CompleteETicketSync"
"https://ias-%.hac.shop.nintendo.net/ias/services/rest/AccountTransfer"
"https://ias-%.hac.shop.nintendo.net/ias/services/rest/SyncRegistration"

Services

The URLs for general online service servers on the Switch usually follow one of these formats:

{server_name}.{environment}.{service_name}.srv.nintendo.net
{server_name}-{environment}.{service_name}.srv.nintendo.net

Where:

{server_name}: One of the registered server names.
{environment}: "lp1" (production), "dd1" (development) or "sp1" (production lottest staging).
{service_name}: One of the various service names.

Servers

aauth

Application authentication.

URLs:

"https://aauth-%.ndas.srv.nintendo.net/v1/application_auth_token"
"https://aauth-%.ndas.srv.nintendo.net/v1/time"

[5.0.0+] "https://aauth-%.ndas.srv.nintendo.net/v2-44cd4221f90742b5f37a4948b37dacf024d0bb14dde86db0af20ec300a36a0fe/application_auth_token"
Replaces previous application_auth_token URL.

dauth

Device authentication.

URLs:

"https://dauth-%.ndas.srv.nintendo.net/v1/device_auth_token"
CURLOPT_POSTFIELDS is set to the output from: snprintf(..., "system_version=%08x&client_id=%s", <byte-swapped first 3 bytes from System_Version_Title loaded via settings cmd>, "<hard-coded hex string>");

[4.0.0+] "https://dauth-%.ndas.srv.nintendo.net/439528b578b74475d24ec19264097f17d2cc578c8584816b644e7b7fa93044d7/device_auth_token"
Replaces previous device_auth_token URL. 

[5.0.0+] "https://dauth-%.ndas.srv.nintendo.net/v3-59ed5fa1c25bb2aea8c4d73d74b919a94d89ed48d6865b728f63547943b17404/device_auth_token"
Replaces previous device_auth_token URL.

[5.0.0+] "https://dauth-%.ndas.srv.nintendo.net/v3-59ed5fa1c25bb2aea8c4d73d74b919a94d89ed48d6865b728f63547943b17404/challenge"
CURLOPT_POSTFIELDS is set to the output from: snprintf(..., "key_generation=%u", 5);

znc

Used by the Switch Online app to get app data, like the list of game-specific services to display.

app

app-a04* uses XMPP with TLS over port 443, without HTTP. Sample request:

<?xml version="1.0"?><stream:stream to="app-a04.lp1.npns.srv.nintendo.net" xml:lang="en" version="1.0" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams">

migration

Migration service storage.

storage

OLSC service (.scsi) and repair service (.sata) storage.

permission

OLSC repair service survey request.

 https://permission.%.sata.srv.nintendo.net/api/nx/v1/customer_operations
 https://permission.%.sata.srv.nintendo.net/api/nx/v1/customer_operations?survey_request_id=%llu
 
 Request headers:
 > User-Agent: libcurl (nnHttp; 789f928b-138e-4b2f-afeb-1acae821d897; SDK {x.x.x.x sdkver}; Add-on {x.x.x.x sdkver})
 > Accept: */*
 > X-Device-Token: {device-token from dauth for SATA}
 > Content-Type: application/json
 
 Response (without survey_request_id): {"survey_requests":[]}

Others

Miscellaneous domains for various APIs and tests.

Servers

Account metadata:

  • "e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com"
  • "accounts.nintendo.com"
  • "api.accounts.nintendo.com"
  • "c-%.accounts.nintendo.com"
  • "capi.%.op2.nintendo.net"

News, friends and game content:

  • "bcat-topics-%.cdn.nintendo.net"
  • "bcat-list-%.cdn.nintendo.net"
  • "bcat-data-%.cdn.nintendo.net"
  • "bcat-web-%.cdn.nintendo.net"
  • "app.%.five.nintendo.net"
  • [6.0.0+] "scsi-policy-%.cdn.nintendo.net"

NSO webapplet [11.0.0+]:

  • "%.nso.nintendo.net"
  • "atum-img-%.cdn.nintendo.net"

Connection:

  • "ctest.cdn.nintendo.net" (replaces "conntest.nintendowifi.net")
  • "nasc.nintendowifi.net"

Error and status:

service-status

Error applet status.

URLs:

"https://service-status-%.cdn.nintendo.net/service_status_hac.json"

User-Agent

NIM generates two User-Agent strings:

snprintf(..., "User-Agent: NintendoSDK Firmware/%s-%u (platform:%s; did:%016llx; eid:%s)", <string at sysver+0x68>, {u32 from sysver+4}, "NX", DeviceId, {GetEnvironmentIdentifier output});
 
snprintf(..., "User-Agent: NintendoSDK Firmware/%s-%u (platform:%s; eid:%s)", <string at sysver+0x68>, {u32 from sysver+4}, "NX", DeviceId, {GetEnvironmentIdentifier output});

Where the 64bit DeviceId is parsed from the 0x10-bytes at outbuf+0xC6 from set:cal GetEciDeviceCertificate (DeviceCert_certname+2, aka where the hex string for the DeviceId is).