Hey! The question is a bit technical, so bear with me.
A FTTH GPON connection works like this:
Downstream: OLT broadcasts data to all ONTs; each ONT filters its own data and discard the data intended for other ONTs.
This means that, theoretically, all the downstream traffic is shared with a bunch of other people (at the very least 16/32 of your node). Yes the traffic is encrypted and only the intended ONT can decrypt it... unless something bad happens (which is the threat model here, if someone has a misconfigured ONT / outdated firmware).
If one uses Mullvad VPN in this scenario, is the traffic in downstream (from Mullvad Server to you) encrypted so that only you can decrypt it?
Say I download a Linux.iso, without a vpn, the OLT would broadcast that linux.iso to all ONTs and if one was bad, they would also receive my precious linux.iso.
If I'm connected through Mullvad vpn, would that bad ONT only see gibberish because the linux.iso would be encrypted through the VPN tunnel and only I, the intended recipient, would be able to enjoy all its linux glory?
Thanks!