[23.0 backport] libnetwork: check DNS loopback with user DNS opts

[corhere]

• Backport of libnetwork: check DNS loopback with user DNS opts #44976 to 23.0
• Fixes --dns-opt breaks resolving of external names by internal DNS server docker/for-linux#1404
• Closes Fixed clashing embedded DNS with systemd-resolved #43705

- What I did
DNS servers in the loopback address range should always be resolved in the host network namespace when the servers are configured by reading from the host's /etc/resolv.conf. The daemon mistakenly conflated the presence of DNS options (docker run --dns-opt) with user-supplied DNS servers, treating the list of servers loaded from the host as a user- supplied list and attempting to resolve in the container's network namespace. Correct this oversight so that loopback DNS servers are only resolved in the container's network namespace when the user provides the DNS server list, irrespective of other DNS configuration.

- How I did it
Should be self-explanatory.

- How to verify it
Run a daemon on a host with DNS resolved by systemd-resolved or some other configuration with loopback-to-localhost DNS resolution. Run a container attached to a user-defined network with some --dns-opt flag and verify that DNS resolves within the container.

$ docker network create br1
006efd576eab62b9503e3d0a8ea642836a01c052c83531e955dd25b7e29fd470
$ docker run --rm --network br1 --dns-opt attempts:1 alpine nslookup google.com
Server:		127.0.0.11
Address:	127.0.0.11:53

Non-authoritative answer:
Name:	google.com
Address: 142.251.41.78

Non-authoritative answer:
Name:	google.com
Address: 2607:f8b0:400b:804::200e

- Description for the changelog

• Fixed an issue which would cause DNS resolution to fail inside containers attached to user-defined networks when the container is created using the --dns-opt or --dns-search flags and systemd-resolved is used for DNS resolution on the host.

- A picture of a cute animal (not mandatory but encouraged)

[thaJeztah]

LGTM