Using private networking for CI builds / registry

I’ve got a GitLab CE instance installed via omnibus running on a VPS, and I have a runner on a separate VPS in the same datacenter. My datacenter provides private networking between hosts, with no data caps and much higher transfer speeds than using the public interfaces.

My question is, has anyone set up a CI runner to connect to a GitLab Docker Registry via private networking? This should significantly reduce pull/push time.

Documentation for the GitLab Container Registry with CI runner proposes the following sample configuration:

   image: docker:latest
   - docker:dind
   stage: build
     - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN
     - docker build -t .
     - docker push

I didn’t find any relevant settings for GitLab nor GitLab multi-runner that would help. Using the above example as a template for discussion, I tried changing

docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN


docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN

where was set as a DNS A record to the private IP of the GitLab CE host. But I got an error during prebuild:

Checking out 284260f2 as master...
$ docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN
Error response from daemon: Get dial tcp w.x.y.z:443: getsockopt: connection refused
ERROR: Build failed: exit status 1

Anyone waded into these waters before? Is there any documentation I’m missing?