For quite a while, on my two Rocky Linux servers/hypervisors, I got the following message whenever I logged in via my Samba Active Directory:
Domain Controller unreachable, using cached credentials instead
I upgraded both my hosts to Rocky 10 via re-installing, yet the same error still showed. I used a MikroTik core router, with a DNS resolver forwarding AD DNS to the domain controllers.
Unrelated yet somewhat related, I had family members complain about “slow internet” even when I get 180-300 Mbps download and 40-75 Mbps uploads. I use a Calyx Sprout SIM with an L2TP tunnel for a public IPv4.
I considered going back to OPNsense, or using Spectrum as my ISP since Verizon FiOS isn’t available due to “rights of way issues”.
But DNS. I learned MikroTik DNS really sucks. It’s slow to resolve, unreliable, and even when we had fiber it sucked. I haven’t had DOCSIS in years, but on non-fiber it’s even worse.
So what do I do? I could buy an OPNsense box. I could switch to Spectrum (which I avoid for slow DOCSIS uploads), but Spectrum won’t fix MikroTik bugs.
Or I could use my unused Raspberry Pi 4 and turn it into a network-wide DNS resolver.

Pictured: my Raspberry Pi DNS server, connected to my MikroTik CCR2004-16G-2S+
Yes, it isn’t “redundant”, but I have another spare Pi 4 if mine fails. And hey, DNS resolution is faster. That is, despite our terrible latency and T-Mobile’s subpar routing to my L2TP VPN in NYC, where I’m also located.
What OS are you running on your Pi 4?
Rocky Linux 10.
How much RAM is in your Pi 4?
4GB.
Which DNS Resolver are you running?
Unbound.
Why not a DNS VM on your two Minisforum MS-01s?
I don’t want to kick our house offline when I update my servers.