I asked why they thought that but didn't get a reply. I know this is not overly helpful.
Indeed it's not. Anyone connected to the Internet can be hit by a DNS amplification attack. It's not very likely to have actually happened though.
What I did find was that their idea of a DMZ was to forward all ports, TCP only, to the server (no UDP on 53), and I am wondering if this may have some bearing.
Sounds like you are dealing with someone with only half a clue. If UDP doesn't reach your server, then DNS isn't going to work. However, it doesn't need to be port forwarded to your server if the router does NAT properly.
I had initially envisaged going directly from the ONT to NIC and reconfiguring for PPPoE; however, I was advised this could not happen as fibre delivery requires VLAN tagging, unsupported by SME, and they used a MikroTik router at the front door.
If you need to use a VLAN interface for your WAN that could be done, but would need some modifications.
If I go onto the site, where should I start looking and for what?
Well, for a start, knowing what works and what doesn't would be a good starting point. At the moment you either don't know or haven't told us.
Treat the mention of 'DNS amplification attacks' as uninformed waffling, and start from first principles.