Bug #4086
Gateway monitoring DoS

Added by Volker Kuhlmann over 9 years ago. Updated over 9 years ago.

Status: Rejected
Priority: Normal
Assignee: -
Category: -
Target version: -
Start date: 12/09/2014
% Done: 0%
Affected Version: 2.1.5
Affected Architecture: amd64

Description

Default configuration is to monitor the WAN gateway once per second and to take action if it doesn't respond for 10 seconds. Taking action seems a little superfluous in a situation with a single WAN connection (e.g. SOHO Internet) because no alternative is available anyway. As part of the action it seems the WAN interface is brought up and down, and in particular, rules are reloaded.
In my case my ISP's cable gateway stopped responding to pings, most of the time. Internet connectivity was not affected; however, pfSense starts playing yo-yo with interfaces, rules reloading, and burning 100% CPU on the check_reload_status process plus a whole lot of php processes.
As part of the rule reload all pf tables are cleared of their FQDN entries. Because they have an (up to 5 minutes?) delay before being re-established, they effectively are never there in the WAN yo-yo case.
Not rate-limiting the GW up/down effectively produces a DoS.
Observed on 2.1.5 amd64, but probably present on all architectures and other 2.1 versions.
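A constructed simulation of the behaviour the report describes, added here as an illustration (not pfSense code): one probe per second, the gateway declared down after 10 s of missed replies, and every state change firing an interface bounce and rule reload. The `GatewayMonitor` class, the hold-down window and the 12-seconds-down / 3-seconds-up flap pattern are assumptions; the hold-down shows how rate-limiting the up/down actions caps the reload storm.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

PROBE_INTERVAL_S = 1   # one probe per second, as in the report
DOWN_AFTER_S = 10      # declare the gateway down after 10 s without a reply

@dataclass
class GatewayMonitor:
    """Hypothetical monitor: tracks gateway state and the reload actions it fires."""
    hold_down_s: int = 0                 # 0 = no rate-limiting (the reported behaviour)
    down: bool = False
    missed: int = 0
    last_action_t: Optional[int] = None
    actions: List[Tuple[int, str]] = field(default_factory=list)

    def probe(self, t: int, replied: bool) -> None:
        if replied:
            self.missed = 0
            if self.down:
                self.down = False
                self._act(t, "up")
        else:
            self.missed += 1
            if not self.down and self.missed * PROBE_INTERVAL_S >= DOWN_AFTER_S:
                self.down = True
                self._act(t, "down")

    def _act(self, t: int, event: str) -> None:
        # Each state change would bounce the interface and reload the rules;
        # with a hold-down window, actions inside the window are skipped.
        if self.last_action_t is not None and t - self.last_action_t < self.hold_down_s:
            return
        self.last_action_t = t
        self.actions.append((t, event))

def flapping_replies(seconds: int, down_run: int = 12, up_run: int = 3) -> List[bool]:
    # Constructed sample: the gateway ignores pings for 12 s, answers for 3 s, repeat.
    out: List[bool] = []
    while len(out) < seconds:
        out += [False] * down_run + [True] * up_run
    return out[:seconds]

def count_actions(hold_down_s: int, seconds: int = 600) -> int:
    """Number of reload actions fired over `seconds` of the flapping pattern."""
    mon = GatewayMonitor(hold_down_s=hold_down_s)
    for t, replied in enumerate(flapping_replies(seconds)):
        mon.probe(t, replied)
    return len(mon.actions)

if __name__ == "__main__":
    for hd in (0, 60, 300):
        print(f"hold-down {hd:3d}s: {count_actions(hd)} reload actions in 10 min")
```

Without a hold-down the flapping gateway triggers a reload every few seconds; a hold-down of a few minutes reduces that to a handful over the same period, which is the rate-limiting the report asks for.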
