I work at a small ISP, and we want to limit the bandwidth to our
customers using a bridging firewall. (Using dummynet) If the
firewall were to go down, we would like our customers to still be
able to access the internet. This means that we need redundant
paths (using STP). Our router only has one ethernet port. We
conceived a plan to use different VLANs, and route all traffic
going to one through the other one. Is this possible to do
this without another switch? If so, how would we go about it?

+----------+ +----------+ +----------+
| Router |---| Switch |--| Firewall |
+----------+ +----------+ +----------+
| | | |_______|
_____| | |
| | |___+------+
+-----+ +----+ | Host |
|Host | |Host| +------+
+-----+ +----+

The switch forwards everything to the firewall, which controls traffic
speed. The firewall is only a bridge, there's no routing.