Just to circle back here, I've reviewed the trace output and it shows multiple requests fired off for lookups on the `roles` table which indicated to me that the default `cassandra` superuser is being used. To be clear, the original read request is being executed at the configured consistency BUT authenticating with the default `cassandra` superuser requires `QUORUM` so it spans across DCs.
For this reason, we recommend that the default `cassandra` superuser only be used for provisioning a new admin role then should not be used again. Cheers! >