WirelessRudy
Forum Guru
Topic Author
Posts: 3119
Joined: Tue Aug 08, 2006 5:54 pm
Location: Spain

VLAN, how to pass through ethernet bridge?

Thu Sep 19, 2013 9:38 pm

Manual is not completely clear to me so here are some questions for any vlan expert...

"VLAN successfully passes through regular Ethernet bridges."

So, if a router has an ethernet bridge enabled over ether1 & ether2, and the vlan travels over this bridge, it doesn't need a vlan interface to be mentioned? Not on the bridge, not on the bridge participating physical interfaces? As long as the vlan interface on the adjacent routers can 'see' each other through the bridge the vlan will travel through as well? I have it working on some routers. But some other router seems to have an issue with it.

Do I also read the manual well, that in case any vlan travels over more than one router/switch the service tag has to be enabled?

Also the ARP function puzzles me. On longer run vlan (over several routers) mostly I learned that to have the vlan 'running' I need to disable ARP, or at least set it to 'reply only'. When I enable it the vlan stops running.
But on some vlans it is just the other way around? Why? Has this anything to do with bridges? Because some of my long vlans run over routers AND ethernet bridges AND are bridged themselves over two router interfaces....

If a 'bridged'-router has a 3rd interface connected to a different network.
To have it participating in the vlan, do I have to bring the ether3 into the ethernet bridge? Or do I have to make a vlan attached to this ether3 and bring that one into the bridge?

Also, Q in Q. I understand that you can make several lans inside each other. So vlan interfaces stacked upon each other.
Does this mean they should not run side by side on a physical interface? It seems to work but then again, I also see loads of problems. (But I see them anyway..)

vlan adds 4 bytes to the ethernet header. So on a single lan the packages traveling through the link get in fact an extra 4 bytes inserted in the ethernet header, for the packages belonging to this vlan...
If I now make a second vlan 'inside' (or 'on top') then an extra 4-byte flag is inserted. So we have 8 bytes extra now. So packages belonging to vlan2 always have 8 bytes of header now?
What if I need 200 vlans? Now last vlan gets 200x4=800 extra bytes header?
Hence I thought it was better to have vlans running side by side. So a package always only gets its header attached, so only 4 bytes.

What to do to overcome many vlans on an interface (= wireless so I want to reduce payload as much as possible)? If Q in Q creates too much overhead, and parallel vlans are not possible, can I 'pipe' several vlans entering router on one or more interfaces, into one new vlan that is created on a backhaul interface?
How do I do the vlan connection?

For instance on ether 2 and ether 3 each have 3 vlans entering (Q in Q?).
This makes 6 to transport over the backhaul.
Now I can do Q in Q, but create extra payload only in doing so.
Or I can make one new vlan on ether1.

How do I now make sure traffic from each of the vlan from ether2 and ether3 travel over ether1?
Do I make one big 'vlan-bridge' bridge and bridge all the vlans from ether 1, 2 and 3 into this bridge?
Or do I bridge the ether 1, 2 and 3 themselves in a bridge so vlans are all actually terminating and starting at this router?

Many questions, would be nice if someone could give me some lessons here.... :)
 
dboreham
Frequent Visitor
Posts: 96
Joined: Sat May 03, 2008 4:17 pm

Re: VLAN, how to pass through ethernet bridge?

Fri Sep 20, 2013 5:23 am

The diagrams in this article might help to answer some of the questions: http://en.wikipedia.org/wiki/IEEE_802.1Q
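The tag layout from the article linked above, applied to the 4-bytes-per-tag question in the opening post, as an added example that is not part of any post in this thread: it builds constructed frames and walks their tag stack, so the overhead of a frame follows its nesting depth, not the number of VLANs configured on the interface. The MAC addresses, VLAN IDs and function names are assumptions made for the illustration.

```python
import struct

TPID_CTAG = 0x8100  # IEEE 802.1Q customer tag
TPID_STAG = 0x88A8  # IEEE 802.1ad service tag (outer tag in Q-in-Q)
TAG_TPIDS = {TPID_CTAG, TPID_STAG}


def build_frame(vlan_stack, ethertype=0x0800, payload=b"\x00" * 46):
    """Build a constructed Ethernet frame; vlan_stack is [(tpid, vid)], outermost first."""
    dst = bytes.fromhex("ffffffffffff")
    src = bytes.fromhex("020000000001")  # constructed, locally administered MAC
    tags = b"".join(struct.pack("!HH", tpid, vid & 0x0FFF) for tpid, vid in vlan_stack)
    return dst + src + tags + struct.pack("!H", ethertype) + payload


def parse_tags(frame):
    """Walk the tag stack; return (tags, inner_ethertype, tag_overhead_bytes)."""
    offset, tags = 12, []  # tags start right after the two 6-byte MAC addresses
    while True:
        if len(frame) < offset + 2:
            raise ValueError("frame truncated before EtherType")
        (etype,) = struct.unpack_from("!H", frame, offset)
        if etype not in TAG_TPIDS:
            return tags, etype, 4 * len(tags)
        if len(frame) < offset + 4:
            raise ValueError("frame truncated inside VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append({"tpid": etype, "pcp": tci >> 13,
                     "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF})
        offset += 4  # each tag is 2 bytes TPID + 2 bytes TCI


def vids(frame):
    """VLAN IDs carried by one frame, outermost first."""
    return [t["vid"] for t in parse_tags(frame)[0]]


if __name__ == "__main__":
    samples = {
        "untagged": build_frame([]),
        "vlan 10 (side by side)": build_frame([(TPID_CTAG, 10)]),
        "vlan 200 (side by side)": build_frame([(TPID_CTAG, 200)]),
        "Q-in-Q 100 / 10": build_frame([(TPID_STAG, 100), (TPID_CTAG, 10)]),
    }
    for name, frame in samples.items():
        tags, etype, overhead = parse_tags(frame)
        print(f"{name:24} vids={[t['vid'] for t in tags]} overhead={overhead} bytes")
```
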
 
WirelessRudy
Forum Guru
Topic Author
Posts: 3119
Joined: Tue Aug 08, 2006 5:54 pm
Location: Spain

Re: VLAN, how to pass through ethernet bridge?

Fri Sep 20, 2013 2:17 pm

Well, I've been reading that before. Still some questions I have:

Using vlans would make traffic separation possible and limit broadcast of clients spread all over the network.

Presently I have a routed network. Meaning that each (I have 28 in a small region) AP has its own /24, /25, /26, /27 or /28 network assigned and has its own dhcp-server. So now all these client's IP addresses travel over my mainly routed network towards my central gateway to go to the internet.
Some client's traffic have to travel up to 8 hops to reach it.

In the main gateway we have a src-nat for each single client into a public IP (or groups of clients get to share one) and I have single queues for each client. So many IPs on the WAN interface. And as many src-nat rules.

We are growing so I want something better than that. I want all clients basically to get an IP out of one or 2 (or later 3) pools of IPs only. I want to assign them public IPs too directly on their routers.
This to eliminate the need of mentioning all public IPs on the WAN interface, and also more simple src-nat rules. (1/1 net mapping or just 'pass' for a whole network.)

To do this I basically need to have all clients in one broadcast domain. So one dhcp (or PPPoE) server can assign them all IPs out of one /24 or /23-/22 network.
To use one central IP server I need one location where that server can be reached, the gateway.
To get all these remote AP networks in the same network of this server they all have to be bridged into the server's network. So I need to work with some tunnel.
I choose to make vlans all starting in one bridge at the gateway (that holds the server) and terminating in each AP so clients can then 'see' the server just by connecting to the vlan port at the AP.
Each client will now request PPPoE info from the server to build a private PPPoE tunnel into the bridge on the gateway.

My only question/worry is now; By having all the vlans and/or PPPoE tunnels connecting in one broadcast domain (the bridge in the gateway where the server is located) are all clients now not broadcasting over all these tunnels? So am I not making broadcast traffic explode on my network?
But now I am actually creating one big network again, where all clients are broadcasting packages into each and everyone's tunnel?
