Why tag if all the same, packets reach any device using topology 2, and it is most often used?

The passage of traffic can be limited both by means of routing and by access lists.
Not all traffic passes between vlans; in the standard configuration, broadcast, unknown unknown unicast will not pass.
For one vlan, the gateway (physical router) can be one, for another - another.
In the end, one of the vlans can generally not be connected to the router if you need a clean L2 channel

Everything is extremely simple.
In the first scheme, traffic will not go at all between VLANs.
In the second, only targeted traffic will go between VLANs. And only if you configure routing between VLANs. Service like brodkastov will not go. + As stated above, you will have a process sheet toolkit for traffic management.

Your question is not quite understood. I can only explain the likely purpose of the router of the second scheme - providing access from one VLAN to another. It will differ from untagged usage in that the router will filter and restrict traffic between VLANs.
For example, let's imagine a situation with 2 VLANs - with office computers and office equipment. Computers from their own VLAN should have access to the VLAN with office equipment, but not vice versa.

When there is technological equipment in VLAN10, and an office with hamsters and viruses in VLAN20, then there will be no such questions.
On the router, you can kill part (if you need it) or all the traffic between networks (if it is, for example, a beauty salon and you need to give visitors free wifi, but visitors have nothing to do in the local area of ​​the salon).