Domain isolation through virtual network machines

1. A single network device to act as an intermediate station comprising:

• a plurality of transceivers to communicate information resources between subscriber end stations and nodes belonging to different network domains; and
  
  a non-transitory machine-readable medium having stored therein a set of instructions to cause the single network device to, instantiate different virtual network machines for the different network domains,wherein each of the different virtual network machines is one of a virtual router and a virtual bridge,wherein each of the different virtual network machines has a separate independently administrable network database,wherein administrative chores of the separate independently administrable network databases include an assignment of access control and a configuration of policies for the separate independently administrable network databases,wherein the access control comprises user identifiers such as user names, passwords, and unique keys,wherein the policies comprise traffic filtering policies to indicate what kind of information payloads can be carried, and traffic and route filtering policies to indicate what paths through the different network domains will be used for each payload carried, andwherein each of the different network domains is to comprise a plurality of nodes and links that include one of the different virtual network machines, and each of the different network domains is virtually isolated from the other different network domains, andcouple different ones of the subscriber end stations to different ones of the different virtual network machines through dynamic bindings,communicate information resources of different ones of the subscriber end stations using the virtual network machines to which those subscriber end stations are currently coupled, andrecord subscriber activity for accounting.