This page covers the DNS setup for your Lobster Cloud system, including standard DNS names, custom domain options, and internal DNS resolution via AWS Route 53 Resolver Endpoints.
Standard DNS names
Every Lobster Cloud system receives DNS names with the .lobster-cloud.com domain suffix. These are provisioned automatically during installation. Each system component receives its own unique DNS name.
| Component | Example DNS name |
|---|---|
| DMZ (Production) | |
| Internal Server (Production) | |
| DMZ (Test) | |
| Internal Server (Test) | |
After installation, you will receive an installation protocol containing the DNS names (URLs), access credentials, and the associated public IP addresses. For security reasons, the username and password are sent in separate emails. These emails are sent automatically from cloudportal@lobster.de. Please add this address to the whitelist in your email system.
Custom DNS names
You have the option to use your own domain names instead of the standard .lobster-cloud.com names. This is useful if you prefer a branded URL for your integration platform or need to meet internal naming conventions.
Setup process
| Step | Description |
|---|---|
| 1 | Refer to the installation protocol provided by Lobster. It contains the public IP addresses for your system. |
| 2 | Create an A record entry with your DNS provider, pointing your custom domain to the public IP address of your Lobster Cloud system. |
| 3 | Configure SSL certificates for your custom domain (see below). |
SSL certificates for custom DNS names
When using your own DNS names, the standard Let's Encrypt certificates will not automatically cover your custom domain. You have two options:
| Option | Description |
|---|---|
| Set up the Let's Encrypt Cert-Bot within the Lobster Data Platform to automatically issue and renew certificates for your custom DNS names. | |
| Purchase a certificate from a trusted certification authority and install it in the Lobster Data Platform yourself. You are responsible for annual renewal. | |
High Availability systems
For systems with the High Availability architecture, a CNAME record pointing to the original Lobster DNS name is recommended instead of an A record. This ensures that DNS-based failover and load balancing continue to function correctly with your custom domain.
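To check the published records against step 2 and the High Availability recommendation, the following added example (not part of Lobster's documentation or tooling) parses `dig +noall +answer` output and reports records that deviate from the guidance. The names `edi.example.com` and `customer-ha.lobster-cloud.com` and all IP addresses are constructed placeholders.

```python
import ipaddress

# Constructed sample output of `dig +noall +answer <name>` (documentation IPs,
# placeholder host names; not values from a real Lobster Cloud system).
SAMPLE_STANDARD = """\
edi.example.com.  300  IN  A  203.0.113.10
edi.example.com.  300  IN  A  198.51.100.7
"""
SAMPLE_HA = """\
edi.example.com.  300  IN  CNAME  customer-ha.lobster-cloud.com.
customer-ha.lobster-cloud.com.  60  IN  A  203.0.113.10
"""

def parse_dig_answer(text):
    """Return (owner, type, rdata) tuples, names lower-cased without trailing dot."""
    records = []
    for line in text.splitlines():
        fields = line.split()
        if line.startswith(";") or len(fields) < 5:
            continue  # skip comments, blank lines and truncated rows
        owner, rtype, rdata = fields[0], fields[3].upper(), fields[4]
        records.append((owner.rstrip(".").lower(), rtype, rdata.rstrip(".").lower()))
    return records

def check_custom_name(dig_text, custom_name, expected_ip=None, high_availability=False):
    """Return findings; an empty list means the records match the guidance above.
    expected_ip (from the installation protocol) is required unless high_availability."""
    name = custom_name.rstrip(".").lower()
    own = [(t, r) for o, t, r in parse_dig_answer(dig_text) if o == name]
    cnames = [r for t, r in own if t == "CNAME"]
    addrs = [r for t, r in own if t == "A"]
    findings = []
    if high_availability:
        if not cnames:
            findings.append("HA system: expected a CNAME to the Lobster DNS name, found none")
        for target in cnames:
            if not target.endswith(".lobster-cloud.com"):
                findings.append(f"CNAME target {target} is not under .lobster-cloud.com")
        return findings
    if not addrs:
        findings.append(f"no A record found for {name}")
    want = ipaddress.ip_address(expected_ip)
    for addr in addrs:
        if ipaddress.ip_address(addr) != want:
            findings.append(f"A record {addr} does not match installation protocol IP {want}")
    return findings

if __name__ == "__main__":
    print(check_custom_name(SAMPLE_STANDARD, "edi.example.com", "203.0.113.10"))
    print(check_custom_name(SAMPLE_HA, "edi.example.com", high_availability=True))
```

A leftover A record that points at an address outside the installation protocol, as in the first sample, sends part of your traffic to a host you did not intend, so remove it rather than leave it next to the correct one.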
Cloud Upgrade DNS
Internal DNS resolution (Route 53 Resolver Endpoints, optional and chargeable)
A managed DNS ensures reliable name resolution between the Lobster Cloud environment and your own infrastructure, allowing systems on both sides to consistently reach the correct services and endpoints. This reduces connectivity issues and provides a stable foundation as your environment grows.

If you need to resolve internal hostnames from within the Lobster Cloud environment, for example to reach your on-premises systems by hostname rather than IP address, Lobster provides internal DNS resolution via AWS Route 53 Resolver Endpoints. If you have configured a VPN via AWS Site-to-Site with Lobster, redundant DNS resolvers for internal resolution across VPN connections are optionally available. The underlying architecture is designed for scenarios involving connectivity to diverse cloud and on-premises resources, ensuring stable, fast, and fault-tolerant name resolution across your network.
When internal DNS resolution is useful
| Scenario | Description |
|---|---|
| Internal systems not reachable via IP | Some on-premise systems can only be addressed by their internal hostname, not by a static IP address. |
| Hybrid cloud architecture | Your Lobster Cloud system needs to communicate with on-premise services that use private DNS zones or internal hostnames. |
| Centralized DNS management | You prefer managing DNS entries centrally on your existing DNS servers rather than maintaining individual configurations. |
When internal DNS resolution is not needed
| Scenario | Description |
|---|---|
| All systems reachable via IP | If all your on-premise systems can be reached by their IPv4 address, no internal DNS resolution is required. |
| Pure cloud solution | If your Lobster Cloud system only communicates with external, publicly accessible systems, no internal DNS is needed. |
| No VPN connection | Internal DNS resolution requires a VPN connection. If no VPN is in place or planned, this option is not applicable. |
Prerequisites
| Requirement | Details |
|---|---|
| VPN connection | A VPN connection between your on-premise network and your Lobster Cloud VPC is mandatory. |
| DNS servers | You must provide a minimum of two DNS servers for integration. |
| Port 53 | Port 53 (DNS) must be open in your local firewall for communication with the AWS Route 53 Resolver Endpoints. |
| Additional cost | Route 53 Resolver Endpoints are chargeable and not included in the standard subscription. Contact your Lobster Sales representative. |
How it works
The Route 53 Resolver Endpoint is deployed within your Lobster Cloud VPC. When the Lobster Data Platform needs to resolve an internal hostname, the request is forwarded through the VPN tunnel to your on-premise DNS servers. Your DNS servers resolve the hostname and return the result to the Lobster system. This happens transparently without any changes to your integration profiles.
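An added connectivity check for the port 53 prerequisite and the forwarding path described above (example code, not supplied by Lobster or AWS): it sends one A-record query to each of your DNS servers over UDP and TCP and classifies the reply. The hostname and server addresses are your own values passed on the command line; testing both transports is an assumption, since the page only states that port 53 must be open.

```python
import socket
import struct
import sys

def build_query(hostname, txid=0x1234):
    """Encode a DNS query for the A record of hostname (recursion desired)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    parts = hostname.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def response_status(query, response):
    """Classify a reply from its header: 'ok' or the reason it is not usable."""
    if len(response) < 12:
        return "short"
    txid, flags, _qdcount, ancount = struct.unpack("!HHHH", response[:8])
    if txid != struct.unpack("!H", query[:2])[0] or not flags & 0x8000:
        return "mismatch"          # wrong transaction ID or not a response
    if flags & 0x0200:
        return "truncated"         # TC bit: the resolver must retry over TCP
    rcode = flags & 0x000F
    if rcode:
        return f"rcode={rcode}"    # e.g. 2 = SERVFAIL, 3 = NXDOMAIN, 5 = REFUSED
    return "ok" if ancount else "no-answer"

def probe(server, hostname, timeout=3.0):
    """Ask one DNS server over UDP and TCP port 53; return {transport: status}."""
    query, result = build_query(hostname), {}
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
            sock.settimeout(timeout)
            sock.sendto(query, (server, 53))
            result["udp"] = response_status(query, sock.recvfrom(4096)[0])
    except OSError as exc:
        result["udp"] = f"unreachable: {exc}"
    try:
        with socket.create_connection((server, 53), timeout=timeout) as sock:
            sock.sendall(struct.pack("!H", len(query)) + query)  # 2-byte length prefix
            stream = sock.makefile("rb")
            size = struct.unpack("!H", stream.read(2))[0]
            result["tcp"] = response_status(query, stream.read(size))
    except (OSError, struct.error) as exc:
        result["tcp"] = f"unreachable: {exc}"
    return result

if __name__ == "__main__":
    # Usage: probe.py <internal-hostname> <dns-server-1> <dns-server-2>
    for dns_server in sys.argv[2:]:
        print(dns_server, probe(dns_server, sys.argv[1]))
```

Run it from a host whose traffic to the DNS servers passes the same firewall rules; a server that answers `ok` on UDP but is unreachable on TCP will fail for replies too large for a single UDP datagram.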
DNS resolution best practices
Important Note
Local hosts files are not a recommended alternative for internal DNS resolution. They represent a non-scalable solution that is difficult to maintain and prone to errors. Lobster does not offer entries in the hosts file on its web servers. Route 53 Resolver Endpoints are the professional, centralised solution for this requirement.