by Firerouge 2844 days ago
The minor note that his ISP rate limited DNS to 36 or 50 response batches stood out to me. I don't understand why they'd want to do that or how that benefits them.

Is this the sort of targeted traffic shaping net neutrality would prohibit?

3 comments

DNS is (used to be?) a great amplifier for DDoS attacks. Because the 'source' address is user-supplied, and there are DNS responses that are much larger than the requests, you can use 1Mb/s of data to send DNS queries with your target's IP as the source address to get e.g. a 10Mb/s stream of data to your target.

Maybe the rate-limiting is an attempt to avoid being used in this kind of DDoS.

He was [likely] using his ISP's or other providers' resolvers. Large bursts of queries are very annoying to deal with, and are very rarely legit (and more often software going wrong).

It's very common to rate limit querying down to some low number to protect the rest of the customers using it.
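To make the resolver-side limiting described in this comment concrete, here is an added example (not code from the thread or from any real resolver): a per-client token bucket that lets a normal client through untouched while truncating a burst from a single source. The burst size, refill rate, and the two traffic streams are constructed assumptions; real resolver rate-limiting implementations are more elaborate.

```python
# Added example, not code from the thread: a minimal per-client query rate
# limiter of the kind a resolver operator might run, shown as a token bucket.
# Time is in integer milliseconds and tokens in integer "millitokens" so the
# results are exact. Real resolver RRL implementations are more elaborate.
from collections import defaultdict

class TokenBucket:
    """Allows `burst` queries at once, then refills `per_second` tokens/s."""
    def __init__(self, burst: int, per_second: int):
        self.capacity = burst * 1000          # millitokens
        self.rate = per_second                # tokens/s == millitokens/ms
        self.tokens = self.capacity
        self.last_ms = 0

    def allow(self, now_ms: int) -> bool:
        refill = (now_ms - self.last_ms) * self.rate
        self.tokens = min(self.capacity, self.tokens + refill)
        self.last_ms = now_ms
        if self.tokens >= 1000:
            self.tokens -= 1000
            return True
        return False

class ResolverLimiter:
    """One bucket per source address; over-limit queries are dropped."""
    def __init__(self, burst: int = 50, per_second: int = 10):
        self.buckets = defaultdict(lambda: TokenBucket(burst, per_second))
        self.answered = defaultdict(int)
        self.dropped = defaultdict(int)

    def handle(self, now_ms: int, src_ip: str, qname: str) -> bool:
        ok = self.buckets[src_ip].allow(now_ms)
        (self.answered if ok else self.dropped)[src_ip] += 1
        return ok

def simulate(queries, burst: int = 50, per_second: int = 10):
    """Run (now_ms, src_ip, qname) tuples through the limiter, return counts."""
    lim = ResolverLimiter(burst, per_second)
    for q in sorted(queries):
        lim.handle(*q)
    return dict(lim.answered), dict(lim.dropped)

# Constructed traffic (not captured): a normal client doing 20 lookups over
# 10 s, and a bursty client firing 200 queries for one name within 1 s.
NORMAL = [(t * 500, "192.0.2.10", "example.com.") for t in range(20)]
BURST = [(t * 5, "192.0.2.20", "example.net.") for t in range(200)]

if __name__ == "__main__":
    answered, dropped = simulate(NORMAL + BURST)
    print("answered:", answered)   # normal client 20, bursty client 59
    print("dropped:", dropped)     # only the bursty client loses queries
```

The bursty source gets its first 50 queries plus roughly one per 100 ms afterwards, which is the "low number" the comment refers to; the steady client never notices the limiter.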

Likely a defense against DDoS.