Everyone's dunking on /etc/hosts, but I've debugged enough production DNS loops to get the temptation. It's not the right answer, but the impulse isn't crazy either.
At the very least you can put it at the bottom of your /etc/resolv.conf prioritization and put some backup systems like an SSH bastion in /etc/hosts so that there's some system out there that you can reach with mutual-auth in the event that your DNS is REALLY messed up.