Comment by eqvinox 4 days ago

2 replies

That's all true, but you can also, you know, like, talk to people without buying your whole solution from them :)

(btw, have you actually read past the first 7 words? I'm much more interested in what people think about the latter parts.)

yardstick 4 days ago

On the later parts, VRF in my scenarios won’t scale.

Need to provide support access to 10k-50k locations all with the same subnet (industry standard equipment where the vendor mandates specific IP addressing, for better or worse). They are always feeding in data into the core too.

Much easier to just VPN+NAT.

  • eqvinox 3 days ago

    That is a valid point. Though I would probably check first what the scaling limits on VRFs actually are; there was some netdev work a while back to fix scaling with 100k to 1M devices (a VRF is a device, though also a bit more than that). It's only the server ("technician") that needs to have all of these (depends on the setup if that helps or not), intermediate devices just need to forward without looking at the tags, and the VPN entry point only cares about its own subset of customers.

    I'd probably use the IPv6 + NAT64 setup in your situation.
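Added example, not part of the thread or of either commenter's setup: a sketch of how an IPv6 + NAT64 scheme can give every site its own address range even though all sites use the same IPv4 subnet. It assumes each site's VPN entry point translates a per-site /96 prefix with the RFC 6052 embedding; the ULA base prefix, the 16-bit site ID and the function names are hypothetical.

```python
import ipaddress

# Assumed ULA /48 set aside for support access (constructed value).
BASE = ipaddress.IPv6Network("fd00:5ca1:ab1e::/48")
MAX_SITES = 1 << 16  # site ID occupies bits 48-63; enough for 10k-50k sites


def site_prefix(site_id):
    """Per-site /96 NAT64 prefix. Bits 64-95 stay zero, which also keeps
    bits 64-71 zero as RFC 6052 asks for."""
    if not 0 <= site_id < MAX_SITES:
        raise ValueError(f"site_id {site_id} out of range")
    base = int(BASE.network_address) | (site_id << 64)
    return ipaddress.IPv6Network((base, 96))


def to_ipv6(site_id, ipv4):
    """Embed a site-local IPv4 address in the low 32 bits of the site prefix."""
    v4 = ipaddress.IPv4Address(ipv4)
    return ipaddress.IPv6Address(int(site_prefix(site_id).network_address) | int(v4))


def from_ipv6(ipv6):
    """Recover (site_id, IPv4 address); reject addresses outside the scheme."""
    addr = ipaddress.IPv6Address(ipv6)
    value = int(addr)
    if addr not in BASE or (value >> 32) & 0xFFFFFFFF:
        raise ValueError(f"{addr} is not a mapped support address")
    return (value >> 64) & 0xFFFF, ipaddress.IPv4Address(value & 0xFFFFFFFF)


def count_unique(site_ids, ipv4):
    """Number of distinct IPv6 addresses produced for one IPv4 address."""
    return len({to_ipv6(s, ipv4) for s in site_ids})


if __name__ == "__main__":
    # Constructed sample: the same device address at three sites.
    for site in (7, 8, 49999):
        print(site, to_ipv6(site, "192.168.1.10"))
```

The technician's host then needs only ordinary IPv6 routes or firewall rules per site prefix, and access logs can be attributed to a site by decoding the destination address.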