Just curious about Let's Encrypt's servers: what drives the decision to use 2048-bit RSA keys for R12 and R13, rather than 4096-bit RSA keys like the one used for ISRG Root X1?
How come all of the ECDSA servers use 384-bit keys rather than using 256-bit keys for the intermediate servers and 384 for the root?
1 Like
The roots don't have to be sent during the TLS handshake, so the size doesn't matter much there. The intermediates are, so using RSA 2048 instead of 4096 has a real benefit.
The ECDSA certs are much smaller than RSA anyway, so using a smaller key doesn't matter much in that case.
This got discussed a bit in an earlier topic: Preview of our upcoming Root Ceremony - #22 by aarongable
8 Likes
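To put numbers on the point above, here is a small Go program, added as an illustration and not code from this thread or from Let's Encrypt itself. It builds a toy three-certificate chain (root, intermediate, leaf) for several key choices and reports how many DER bytes the server would send in a handshake (leaf plus intermediate) versus the size of the root, which the client already holds and never receives over the wire. The function name `ChainBytes`, the key labels (`rsa2048`, `p384`, ...) and the subject names are this example's own; the chain is self-contained and the exact byte counts vary slightly run to run with the random serial-free signatures.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// newKey generates a key of the named kind. The labels are used only by this example.
func newKey(kind string) (crypto.Signer, error) {
	switch kind {
	case "rsa2048":
		return rsa.GenerateKey(rand.Reader, 2048)
	case "rsa4096":
		return rsa.GenerateKey(rand.Reader, 4096)
	case "p256":
		return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	case "p384":
		return ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
	}
	return nil, fmt.Errorf("unknown key kind %q", kind)
}

var serial int64 // monotonically increasing serial number for the toy CA

// issue signs a certificate for subjKey with issuerKey. A nil parent means self-signed (a root).
// It returns the parsed certificate (used as the parent of the next link) and its DER bytes.
func issue(cn string, subjKey crypto.Signer, parent *x509.Certificate, issuerKey crypto.Signer, isCA bool) (*x509.Certificate, []byte, error) {
	serial++
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now(),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  isCA,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageDigitalSignature,
	}
	if isCA {
		tmpl.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageCRLSign
	}
	if parent == nil {
		parent = tmpl // self-signed
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, subjKey.Public(), issuerKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, der, err
}

// ChainBytes builds root -> intermediate -> leaf with the given key kinds. It returns the DER
// bytes a server sends in a TLS handshake (leaf + intermediate) and the size of the root, which
// sits in the client's trust store and is not transmitted.
func ChainBytes(rootKind, intKind, leafKind string) (sent, rootSize int, err error) {
	keys := make([]crypto.Signer, 3)
	for i, kind := range []string{rootKind, intKind, leafKind} {
		if keys[i], err = newKey(kind); err != nil {
			return 0, 0, err
		}
	}
	rootCert, rootDER, err := issue("Example Root", keys[0], nil, keys[0], true)
	if err != nil {
		return 0, 0, err
	}
	intCert, intDER, err := issue("Example Intermediate", keys[1], rootCert, keys[0], true)
	if err != nil {
		return 0, 0, err
	}
	_, leafDER, err := issue("example.test", keys[2], intCert, keys[1], false)
	if err != nil {
		return 0, 0, err
	}
	return len(intDER) + len(leafDER), len(rootDER), nil
}

func main() {
	// The RSA and ECDSA shapes the thread asks about, side by side.
	for _, c := range [][3]string{
		{"rsa4096", "rsa2048", "rsa2048"},
		{"rsa4096", "rsa4096", "rsa2048"},
		{"p384", "p384", "p256"},
		{"p384", "p256", "p256"},
	} {
		sent, root, err := ChainBytes(c[0], c[1], c[2])
		if err != nil {
			panic(err)
		}
		fmt.Printf("root %-7s intermediate %-7s leaf %-7s -> %4d bytes sent per handshake (root %4d bytes, not sent)\n",
			c[0], c[1], c[2], sent, root)
	}
}
```

Running it shows the intermediate's key size and the signature it carries from the root dominating the handshake bytes, while the root's own 4096-bit size costs nothing on the wire; the ECDSA chains come in at a fraction of either RSA option, which is why P-384 everywhere costs little.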
Is TLS traffic bandwidth the dominant consideration here?
I can guess it's some tradeoff between transmission bandwidth, log storage, and the time needed for certificate generation on the server side / verification on the client side.
But I'd like to hear what the rationale was from ISRG's side.
@dextercd got it exactly right, by quoting a previous statement of the rationale from ISRG's side
Yes.
Log storage has never been a contributing factor in these decisions. Neither has certificate generation time, since that's only done once per cert, and only by us (the rest of the internet doesn't bear the cost). Verification time is a factor, but is completely drowned out by transmission time.
4 Likes