It looks like a charm: only one SSID, and no one knows whether he is currently using the main or the guest local network.
It may look like it, but it doesn't work without some heavy-iron features (some might call them enterprise features): RADIUS for customizable passwords, and VLANs (so that RADIUS will request that different stations be put into different VLANs, which translate into different networks).
Or, if you are willing to share the same security credentials for everybody, you can go with the poor man's solution: MAC-based ACLs with VLAN IDs. This way some "well known" clients will be placed into the "main" network, and the rest will use the guest network. This doesn't work with the anonymizing MAC address BS, because every time a client connects to your network, it'll have a different MAC address.
The way you did it is against standards: when a device sees multiple BSSIDs (wireless interface MAC addresses) serving the same SSID, it rightfully assumes it sees an eSSID and that it can freely roam between the constituent BSSIDs (it will be able to use the same PSK, and it doesn't have to perform any L2/L3 handshake because it'll still be in the same L3 subnet ... which means the same IP setup, including its own IP address, gateway IP address, DNS server addresses, etc.).
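
The MAC-based ACL idea from the reply above, modelled as an added example (it is not part of the original post and is not any router's own configuration syntax). The VLAN IDs 10 and 20, the MAC addresses and the function names are constructed for illustration; the check on the locally administered bit, which randomized "private" addresses set, shows why such a station falls through to the guest VLAN.

```python
import re

# Constructed sample values: VLAN IDs and "well known" station MACs.
MAIN_VLAN, GUEST_VLAN = 10, 20
ACL = {"3c:22:fb:10:20:30": MAIN_VLAN, "a4:83:e7:aa:bb:cc": MAIN_VLAN}


def normalize_mac(mac):
    """Return the MAC as lowercase colon-separated hex, or raise ValueError."""
    digits = re.sub(r"[:.\-]", "", mac.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def is_locally_administered(mac):
    """True if the U/L bit (0x02 of the first octet) is set.

    Randomized "private" Wi-Fi addresses set this bit; burned-in ones do not.
    """
    return bool(int(normalize_mac(mac)[:2], 16) & 0x02)


def assign_vlan(mac, acl=ACL):
    """Return (vlan_id, reason) for a connecting station."""
    mac = normalize_mac(mac)
    if mac in acl:
        return acl[mac], "known MAC"
    if is_locally_administered(mac):
        return GUEST_VLAN, "unknown MAC, locally administered (likely randomized)"
    return GUEST_VLAN, "unknown MAC"


if __name__ == "__main__":
    # Constructed scenario: one laptop seen with its hardware address, then
    # with two different randomized addresses, plus an unrelated visitor.
    for label, mac in [
        ("laptop, hardware MAC", "3C-22-FB-10-20-30"),
        ("laptop, private MAC #1", "da:a1:19:4f:02:77"),
        ("laptop, private MAC #2", "5e7b.0c11.9a42"),
        ("visitor, hardware MAC", "f0:18:98:01:02:03"),
    ]:
        vlan, reason = assign_vlan(mac)
        print(f"{label:24} {normalize_mac(mac)}  VLAN {vlan}  ({reason})")
```
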