To make the development environment identical to the production environment, configure your client to override the authoritative DNS server(s) for the commonidtrust.org domain to the development environment. You can either configure your DNS, or you can use a VPN.
DNS
Currently, the DNS server for VPC-Dev runs on a personal, free t2.micro instance in EC2 and is accessible at 52.24.15.28. You will need a secondary resolver for real addresses, such as 4.2.2.1, 4.2.2.2 (Level3), or 8.8.8.8, or 8.8.4.4(Google).
DNS Client Configuration:
Primary: 52.24.15.28
Secondary: 4.2.2.1
VPN with L2TP over IPSec
Alternatively, you can just VPN to the machine and the DNS settings will default to 52.24.15.28 and 8.8.8.8.
On a Mac, go to Network. Click the +. Select VPN as Interface. Name the service whatever you want.
Server Address: 52.24.15.28
Email ndk@internet2.edu to ask for the password and shared secret.
Developer Docs
Installation
yum -y install bind
Configure /etc/named.conf and the zone file /var/named/masters/commonidtrust.org (see examples attached).
chkconfig named on
Recursion is disabled and rate limiting is set at 5 per second. Since there are a total of 3 records, this is basically impossible to use in any form of attack, ever, and it's in a personal account anyway.
Logging
named logs to /var/log/messages
Start/Stop Commands
/etc/init.d/named start
/etc/init.d/named stop
This is configured to serve up the A and/or CNAME records for account.commonidtrust.org, helpdesk.commonidtrust.org, and login.commonidtrust.org for the specific VPC environment.
VPN Docs:
pretty much just stole http://www.stormacq.com/build-a-private-vpn-server-on-amazons-ec2/