dnsforward: only check recursion for private rdns

internal/dnsforward/dnsforward.go

@@ -265,13 +265,6 @@ func (s *Server) Exchange(ip net.IP) (host string, err error) {
 		return "", nil
 	}
 
-	var resolver *proxy.Proxy = s.localResolvers
-	if !s.subnetDetector.IsLocallyServedNetwork(ip) {
-		resolver = s.internalProxy
-	} else if !s.conf.UsePrivateRDNS {
-		return "", nil
-	}
-
 	arpa := dns.Fqdn(aghnet.ReverseAddr(ip))
 	req := &dns.Msg{
 		MsgHdr: dns.MsgHdr{
@@ -291,7 +284,16 @@ func (s *Server) Exchange(ip net.IP) (host string, err error) {
 		StartTime: time.Now(),
 	}
 
-	s.recDetector.add(*req)
+	var resolver *proxy.Proxy = s.internalProxy
+	if s.subnetDetector.IsLocallyServedNetwork(ip) {
+		if !s.conf.UsePrivateRDNS {
+			return "", nil
+		}
+
+		resolver = s.localResolvers
+		s.recDetector.add(*req)
+	}
+
 	if err = resolver.Resolve(ctx); err != nil {
 		return "", err
 	}

internal/dnsforward/recursiondetector.go

@@ -26,7 +26,7 @@ type recursionDetector struct {
 	ttl            time.Duration
 }
 
-// check checks if the passed req was already sent by s.
+// check checks if the passed req was already sent by the server.
 func (rd *recursionDetector) check(msg dns.Msg) (ok bool) {
 	if len(msg.Question) == 0 {
 		return false