Hello
lapsio@nuc ~> ip route show
10.0.0.0/24 dev brguestservice proto kernel scope link src 10.0.0.1
10.0.1.0/24 dev brguestlapsio proto kernel scope link src 10.0.1.1
10.0.2.0/24 dev brguestmilosz proto kernel scope link src 10.0.2.1
192.168.1.0/24 dev brhost proto kernel scope link src 192.168.1.9
192.168.2.0/24 dev brguest proto kernel scope link src 192.168.2.4
lapsio@nuc ~> ip route show table guest
default via 192.168.2.1 dev brguest proto static
10.0.0.0/24 dev brguestservice proto static
10.0.1.0/24 dev brguestlapsio proto static
10.0.2.0/24 dev brguestmilosz proto static
192.168.2.0/24 dev brguest proto static
lapsio@nuc ~> ip route show table host
default via 192.168.1.1 dev brhost proto static
192.168.1.0/24 dev brhost proto static
lapsio@nuc ~> ip rule list
0: from all lookup local
32763: from 10.0.0.0/16 lookup guest
32764: from 192.168.2.0/24 lookup guest
32765: from all iif lo lookup host <- lo is loopback device, iif stands for input interface
32766: from all lookup main
32767: from all lookup default
I’m using source-based routing on my VM host machine in order to strictly separate host traffic from guest traffic. How can I do a similar thing in ROS? I mean I’d like the router itself to use one subnet and one gateway for its “own” traffic like NTP, the router's DNS requests etc., basically all traffic created by the router itself, and another subnet/gateway for packet forwarding. For now I have this:
[lapsio@CCR1009SWAG] > /ip route print detail
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
0 S dst-address=0.0.0.0/0 pref-src=192.168.0.5 gateway=192.168.0.6%vlan0-rb gateway-status=192.168.0.6 unreachable distance=2 scope=30 target-scope=10 routing-mark=standard
1 S dst-address=0.0.0.0/0 pref-src=192.168.10.2 gateway=192.168.10.1%vlan10-rb gateway-status=192.168.10.1 unreachable distance=2 scope=30 target-scope=10 routing-mark=service
2 ADC dst-address=192.168.0.4/30 pref-src=192.168.0.5 gateway=br-gw gateway-status=br-gw reachable distance=0 scope=10
3 ADC dst-address=192.168.1.0/24 pref-src=192.168.1.1 gateway=br-isolated gateway-status=br-isolated reachable distance=0 scope=10
4 ADC dst-address=192.168.2.0/24 pref-src=192.168.2.1 gateway=br-dmz gateway-status=br-dmz reachable distance=0 scope=10
5 ADC dst-address=192.168.10.0/24 pref-src=192.168.10.2 gateway=br-service gateway-status=br-service reachable distance=0 scope=10
The obvious idea is to mark packets originating from the router in mangle, as well as all other packets, with a routing-mark. But maybe there’s a different, “better” way?
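As an added example, not part of the original post, here is what the mangle idea sketched above looks like written out for RouterOS v6 mangle syntax. The routing marks "standard" and "service" and the bridge names br-isolated, br-dmz and br-service are taken from the route print above; everything else (rule placement, comments, the assumption that this runs on RouterOS v6 where a routing-mark table falls back to main when it has no matching route) is an assumption made for illustration.

```routeros
# Added example for the mangle approach described in the post; not the
# original poster's configuration. Assumes RouterOS v6 semantics: a packet
# marked with a routing-mark is looked up in that table first and, if the
# table has no matching route, in the main table (so the connected /24s in
# main still reach the local bridges).

/ip firewall mangle

# Traffic generated by the router itself (NTP, DNS, ping from the router)
# only ever passes through the output chain, so marking there selects the
# "standard" default route (pref-src=192.168.0.5 via vlan0-rb).
add chain=output action=mark-routing new-routing-mark=standard \
    passthrough=no comment="router-originated traffic -> standard table"

# Forwarded traffic from the LAN bridges is seen in prerouting before the
# routing decision, so mark it for the "service" default route
# (pref-src=192.168.10.2 via vlan10-rb). One rule per bridge keeps it
# explicit; an interface list would do the same on newer v6 builds.
add chain=prerouting in-interface=br-isolated action=mark-routing \
    new-routing-mark=service passthrough=no \
    comment="forwarded traffic -> service table"
add chain=prerouting in-interface=br-dmz action=mark-routing \
    new-routing-mark=service passthrough=no
add chain=prerouting in-interface=br-service action=mark-routing \
    new-routing-mark=service passthrough=no
```

With this split, the two static default routes already present (distance=2, routing-mark=standard and routing-mark=service) are the only ones that decide the egress uplink, and nothing in the main table carries a default route, which mirrors what the Linux "host" and "guest" tables above achieve with ip rule. One check worth doing after applying it: `/ip firewall mangle print stats` should show the output-chain counter moving when the router itself resolves a name or syncs NTP, and the prerouting counters moving only for traffic entering from the bridges.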