Stephen, that's a straw-man argument. Nobody's arguing against
VLANs. Paul's argument was that VLANs rendered shared subnets
obsolete, and everybody else has been rebutting that. Not saying that
VLANs shouldn't be used.

I believe shared VLANs for IXP interconnect are obsolete. Whether they
get retired in favor of modern technology is another question, a
business question.

About a year and a half ago, I built something much like the
alternative being discussed as a community service project:
pseudo-wire services for VNIs (participants can encrypt or not
depending on their need), and a shared L3 cloud with private ASN
numbering to provide inter-participant IP connectivity and some shared
transit. The fabric survives fiber cuts without any disruption in
connectivity (I didn't get to spec the fiber paths, so there are some
places where the "ring" collapses into a single fiber bundle);
everyone's HIPAA and FERPA concerns were met at the design phase;
user-visible problems have been few, and problem diagnosis has been
simple. There aren't a lot of participants, so I didn't do much in the
way of self-service automation for provisioning, but I can see where
it would be fairly straightforward and nicely scalable.

If I were back in the IXP business, building a distributed metro-area
fabric, that's how I'd do it, and I'd invest in automated,
self-service provisioning. There would be no shared VLAN. I predict
that the network would be more reliable, and could be operated more
cost-efficiently as a result.