But I will. If you split it up into two sections, then the attacker will simply attack both servers. How many secondary servers would you need before the attack is spread too thin to deny service? Who knows.
That's easy. You put ALL of them in the peering pool. If you don't put your servers in the peering pool, then an attack can take you down... but no one else. Good luck getting customers in the future.
It's very easy: 10,000 DNS servers means a 1:10,000 chance of them hitting both your primary and secondary servers for your domain. Unless it's YOU the bad guys are attacking, instead of the DNS infrastructure (and if it's YOU, you have other problems), then it's unlikely that both your primary and secondary will get hit.
But don't forget that the companies are paying for all this bandwidth.
Yes. And to make it fair, you scale your presence in the pool by the number of domains you are personally hosting. If you host 1,000 domains, then at most you will also be secondary for 1,000 domains. If you host 1,000,000 domains, then you will host at most 1,000,000 secondaries.
This is why it's a peering pool.
Even if their services stay online they're spending $$$ to keep them online while the attacker isn't spending any money.
One company is an acceptable casualty. It's likely, however, that the Bad Guys(tm) were either targeting a number of specific domains, or they were targeting Dyn itself.
Either way, you'd set up collective defense resources for all pool members (that way, even if they were just going after Dyn, you could still afford to go after the culprit).