🟠 High   ⏱ 5–30 min  Last verified: 30 May 2026
Affected versions: Windows Server 2022

πŸ“– ~1 min read

Table of contents
  1. Symptom & Impact
  2. Environment & Reproduction
  3. Root Cause Analysis
  4. Quick Triage
  5. Step-by-Step Diagnosis
  6. Solution β€” Primary Fix
  7. Solution β€” Alternative Approaches
  8. Verification & Acceptance Criteria
  9. Rollback Plan
  10. Prevention & Hardening
  11. Related Errors & Cross-Refs
  12. References & Further Reading

Symptom & Impact

Workers fail to pull images from private registry and deployments fail.

Environment & Reproduction

Registry hostname resolves to stale or non-routable IP addresses.

Resolve-DnsName registry.internal
docker pull registry.internal/app:latest

Root Cause Analysis

DNS A/CNAME records, zone delegation, or client resolver cache are out of sync.

Quick Triage

Check authoritative records and client cache state.

Resolve-DnsName registry.internal -Server dns01
ipconfig /displaydns

Step-by-Step Diagnosis

Validate zone replication and split-brain DNS paths.

Get-DnsServerResourceRecord -ZoneName internal -Name registry
Illustrative mockup for windows-server-2022 β€” terminal_or_powershell
Registry DNS diagnostics β€” Illustrative mockup β€” Progressive Robot

Solution β€” Primary Fix

Correct DNS records, flush caches, and retest pull path.

Still having issues? Our IT Solutions & Services team can diagnose and resolve this for you. Get in touch for a free consultation.

Set-DnsServerResourceRecord -ZoneName internal -OldInputObject $old -NewInputObject $new
ipconfig /flushdns
Illustrative mockup for windows-server-2022 β€” event_or_log_viewer
Registry DNS remediation β€” Illustrative mockup β€” Progressive Robot

Solution β€” Alternative Approaches

Use temporary hosts entry while DNS changes propagate.

Add-Content C:WindowsSystem32driversetchosts '10.10.20.15 registry.internal'

Verification & Acceptance Criteria

Registry resolves to correct endpoint and image pull succeeds.

Test-NetConnection registry.internal -Port 443

Rollback Plan

Restore previous DNS record set if unintended service impact occurs.

Restore-DnsServerZone -Name internal -FileName internal.dns.bak

Prevention & Hardening

Automate DNS health checks for critical registry endpoints.

Resolve-DnsName registry.internal

Related: certificate CN mismatches and route asymmetry to registry VIP.

Related tutorial: View the step-by-step tutorial for Windows Server 2022.

View all Windows Server 2022 tutorials on the Tutorials Hub β†’

Browse all common problems & solutions on the Tutorials Hub.

References & Further Reading

Windows DNS operations and private container registry endpoint design guidance.

Need Expert Help?

If you cannot resolve this yourself, our team offers hands-on Server Management, Managed IT Services, and flexible Support Plans. Contact us today β€” we respond within one business day.