android.apis.google.com DNS issue at EC2

Google has lots and lots of IPs, and they'll serve you the IPs that are geographically closest to where they think you're located.

When I dig against Google's own public DNS at 8.8.8.8, I get the same list you get from EC2:

[] csternal@~: dig @8.8.8.8 android.apis.google.com

; <<>> DiG 9.6-ESV-R4-P3 <<>> @8.8.8.8 android.apis.google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38592
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;android.apis.google.com.   IN  A

;; ANSWER SECTION:
android.apis.google.com. 300    IN  CNAME   clients.l.google.com.
clients.l.google.com.   300 IN  A   72.14.204.102
clients.l.google.com.   300 IN  A   72.14.204.113
clients.l.google.com.   300 IN  A   72.14.204.100
clients.l.google.com.   300 IN  A   72.14.204.101
clients.l.google.com.   300 IN  A   72.14.204.138

;; Query time: 83 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Mar 15 11:38:13 2012
;; MSG SIZE  rcvd: 145

The problem you're encountering appears to be this one: https://stackoverflow.com/questions/6296547/c2dm-ioexception-when-sending-message

The solution most commonly given to resolve the error message you are receiving is to define a custom Hostname validation. The main problem that you are facing is that the domain name returned by Google's Android URL is .google.com. Unfortunately, this causes some issues as the Android SDK is at android.apis.google.com. The JVM will not validate this combination by default (.sdk.google.com would be acceptable).

Here is an example of how you can create your own hostname validator:

URL url = new URL("https://android.apis.google.com/c2dm/send");

HostnameVerifier hVerifier = new HostnameVerifier() {
    public boolean verify(String hostname, SSLSession
            session) {
        return true;
    }
};

HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setHostnameVerifier(hVerifier);