What I meant by that is simple: forcing every packet through a virtual machine has a cost, and it’s one that I found was valuable only when I needed to control the flow of packets that carefully.
My current VM just uses Zeroshell for DHCP and DNS, authentication over LDAP, etc. There’s some great stuff in there. But using it as the router is a little excessive unless you’re using the packet filtering, which I found I really wasn’t.