Service Discovery using embedded dns, do I need a private zone?

So I’m starting to transition some microservices to using docker’s embedded dns server. The services need internet access and they need to be able to talk to each other, so for the first stage of the transition, the plan is to have them on the default bridge network in addition to a custom bridge network with aliases for service discovery.

This is a single node VM running on a customer premise. My worry is that if a service does a lookup, it has no way of knowing if that lookup was forwarded to an upstream resolver or if the response is from the embedded dns server itself.

I was wondering if there was any way to delegate an entire zone as local to avoid sending these queries off to any other resolver.