🟠 High   ⏱ 5–30 min  Last verified: 29 May 2026
Affected versions: Windows Server 2022

πŸ“– ~1 min read

Table of contents
  1. Symptom & Impact
  2. Environment & Reproduction
  3. Root Cause Analysis
  4. Quick Triage
  5. Step-by-Step Diagnosis
  6. Solution β€” Primary Fix
  7. Solution β€” Alternative Approaches
  8. Verification & Acceptance Criteria
  9. Rollback Plan
  10. Prevention & Hardening
  11. Related Errors & Cross-Refs
  12. References & Further Reading

Symptom & Impact

External name resolution is slow or fails; apps report intermittent internet host lookup errors.

Environment & Reproduction

Windows Server 2022 build 20348 DNS servers using unreachable or overloaded forwarders.

Get-DnsServerForwarder
Resolve-DnsName microsoft.com -Server 127.0.0.1
Test-NetConnection 8.8.8.8 -Port 53

Root Cause Analysis

Forwarder list includes dead resolvers or firewall egress blocks UDP/TCP 53.

Quick Triage

Compare direct root hints recursion versus configured forwarders.

Clear-DnsServerCache -Force
Resolve-DnsName github.com -Server 
Get-WinEvent -LogName 'DNS Server' -MaxEvents 50 | Select Id,Message

Step-by-Step Diagnosis

Measure timeout behavior and packet path to forwarders.

tracert 1.1.1.1
Test-NetConnection 1.1.1.1 -Port 53
Get-DnsServerDiagnostics
Illustrative mockup for windows-server-2022 β€” terminal_or_powershell
Forwarder and recursion checks β€” Illustrative mockup β€” Progressive Robot

Solution β€” Primary Fix

Replace bad forwarders and keep at least two healthy public or upstream resolvers.

Still having issues? Our IT Solutions & Services team can diagnose and resolve this for you. Get in touch for a free consultation.

Set-DnsServerForwarder -IPAddress 1.1.1.1,8.8.8.8 -UseRootHint $true
Clear-DnsServerCache -Force
Restart-Service DNS
Illustrative mockup for windows-server-2022 β€” event_or_log_viewer
DNS timeout events and query failures β€” Illustrative mockup β€” Progressive Robot

Solution β€” Alternative Approaches

If policy requires internal recursion only, remove forwarders and use root hints with firewall exceptions.

Remove-DnsServerForwarder -IPAddress 10.10.10.10 -Force
Set-DnsServerRecursion -Enable $true
Get-DnsServerRootHint

Verification & Acceptance Criteria

Average lookup time drops and timeout events cease.

Measure-Command { Resolve-DnsName powershellgallery.com -Server  }
Get-WinEvent -LogName 'DNS Server' -MaxEvents 30

Rollback Plan

Restore previous forwarder list if required for split-horizon routing.

Set-DnsServerForwarder -IPAddress 10.10.10.10,10.10.10.11 -UseRootHint $false

Prevention & Hardening

Monitor forwarder latency and availability continuously.

Get-DnsServerStatistics
Test-NetConnection 1.1.1.1 -Port 53
Test-NetConnection 8.8.8.8 -Port 53

Can overlap with firewall egress policy mistakes and MTU path issues.

Related tutorial: View the step-by-step tutorial for Windows Server 2022.

View all Windows Server 2022 tutorials on the Tutorials Hub β†’

Browse all common problems & solutions on the Tutorials Hub.

References & Further Reading

Microsoft Learn DNS forwarders and recursion behavior on Windows Server 2022.

Need Expert Help?

If you cannot resolve this yourself, our team offers hands-on Server Management, Managed IT Services, and flexible Support Plans. Contact us today β€” we respond within one business day.