Hey David, I just tested your proposed patch and I want to confirm that it works great for my use-case. I get the same rule-selected route based on firewall mark as the outside ip route get ... mark ... Also since we didn't touch the ports, multipathing works as expected - gives a different route based on the hash of the socket tuple. So having said that I can't help but wonder what the next steps might be. Are you able/willing to incorporate this work in the kernel? If yes I also wonder if it would be possible to backport it into 5.10 branch? Thank you and Daniel for looking into this. I appreciate your efforts. Cheers, Rumen Telbizov
