But a relatively normal firewall daemon supports variables and aliases and lookups etc. I suppose if you don't use address lists or address tags and no DNS and no DDNS then it would indeed be a problem.
I have played with multiple routers even commercial ones that do not support aliases or anything but static addresses. You are not wrong but what you suggest is far from the norm.
DNS is generally looked up once, on ruleset initalization, there is no way a firewall is going to look up DNS every single time a rule is referenced. Since DNS here is changing constantly, this is unhelpful.
