If a pair of endpoints are using TLS protocol for secure data exchanges, does it make the encryption at the network or MAC layers redundant?
E.g. if I create a TLS session between two endpoints using bluetooth as transport, then can I turn off encryption at bluetooth level and still get the same level of data communication security?
TL;DR: TLS secures the connection to a specific host or service. It will not help to make sure that the right host or service is chosen correctly. If this is a problem or not depends on the specific use case.
TLS provides end-to-end protection against sniffing and modification even if no such protection is employed at the lower layers. It will also detect if an attacker tries to spoof an existing system by redirecting the underlying layers (i.e. ARP spoofing or spoofing response to an DNS A/CNAME lookup). Thus you don't need to have additional protection at the bluetooth level for an already TLS protected transfer.
But note that there might be parts of the systems protocol stack which are not sufficiently protected and which might lead to creating a TLS connection to the wrong host name or service. For example in order to deliver a mail between mail servers a DNS MX lookup is done to find the mail server for a specific domain. Since DNS lookups are commonly not protected against spoofing, a spoofing of the response to an MX lookup might be used to return a different target host name which results in a connection to the wrong (spoofed) mail server. In this case TLS will not help since the connection is done to the expected (spoofed) mail server which also returns a valid certificate for this (spoofed) mail server. Similar insecure discovery of target hosts and services exist in other protocols, like SIP (VoIP) or WPAD.
