Question

Situation description

So when I build in the factory my super-sensor which would be sending its metrics every 30 seconds to AWS IoT via MQTT, I have to bake into the device a DNS domain name to which the sensor will be connecting.

AWS IoT suggests using endpoint in the form <random-string>.iot.eu-west-1.amazonaws.comwhich for me would look like A26PKG2U6WRS2I.iot.eu-west-1.amazonaws.com

Here's slightly formatted output of dig A26PKG2U6WRS2I.iot.eu-west-1.amazonaws.comcommand which shows that after few redirects this domain name resolves to 6 IP addresses, which seem to be load balancers.

DOMAIN DETAILS: 

A26PKG2U6WRS2I.iot.eu-west-1.amazonaws.com. 290 
POINTS TO CNAME 
iotmoonraker.eu-west-1.prod.iot.eu-west-1.amazonaws.com.


iotmoonraker.eu-west-1.prod.iot.eu-west-1.amazonaws.com. 254 
POINTS TO CNAME 
dualstack.iotmoonraker-e-elb-9q2vvmxp3rir-1271985754.eu-west-1.elb.amazonaws.com.

RESOLVES TO IPs:
dualstack.iotmoonraker-e-elb-9q2vvmxp3rir-1271985754.eu-west-1.elb.amazonaws.com. 50 IN A 54.229.34.249
dualstack.iotmoonraker-e-elb-9q2vvmxp3rir-1271985754.eu-west-1.elb.amazonaws.com. 50 IN A 52.19.106.35
dualstack.iotmoonraker-e-elb-9q2vvmxp3rir-1271985754.eu-west-1.elb.amazonaws.com. 50 IN A 52.18.139.53
dualstack.iotmoonraker-e-elb-9q2vvmxp3rir-1271985754.eu-west-1.elb.amazonaws.com. 50 IN A 52.48.96.41
dualstack.iotmoonraker-e-elb-9q2vvmxp3rir-1271985754.eu-west-1.elb.amazonaws.com. 50 IN A 52.19.155.13
dualstack.iotmoonraker-e-elb-9q2vvmxp3rir-1271985754.eu-west-1.elb.amazonaws.com. 50 IN A 54.76.47.209

Question

There're two concerns I have:

• When I am implementing the MQTT communication in C for my PIC microcontroller, my DNS resolver is confused by that many IPs that a single domain can resolve to. And at the moment I don't know if I can fix that. For the moment my solution is - to create my own domain name iot-ingestion.domain-i-own.com and point it to one of the IP addresses. Is there a better option?

• How reliable is it to bake into bake into my device this A26PKG2U6WRS2I.iot.eu-west-1.amazonaws.com hostname? What if I want to switch change IoT stack in 2-3 years and switch to different technology/provider?

Answer 1

Yes, I would avoid revealing an 'internal' AWS hostname. You should also avoid fixing to a single IP address. In AWS IP addresses can change rapidly and get re-assigned to other customers.

The solution is to indeed use your own domain name, which you have control over, but to use a DNS CNAME record.

iot-ingestion.domain-i-own.com CNAME A26PKG2U6WRS2I.iot.eu-west-1.amazonaws.com.

It may even be worth baking different hostnames into different device firmware versions, so if there is a problem with one you can re-point it at a different endpoint, or cut it off completely, if it is damaging your services.

I have had good experiences with using Route 53, Amazon's DNS service. Which may also result in fewer DNS requests from your device to get to the end IP address.