> No, there are no rules depending on tos but ip_route_input
> selects different paths for masqueraded packets from same connection
> but with different tos.
Hey, stop! tos has nothing to do with this. Your problem is much
worse, the same thing will happen as soon as route disappears from cache.
> Yes, it is a complicated issue, simple setup:
Masquerading to different sources depending on multipath selection? Right?
Well, it is exactly the situation when multipath is illegal.
It is legal only when different hands of multipath bring the same
packet to the same destination.
Please, do not try to bring statefullness of any kind to routing.
Especially, taking into account that the same thing can be made
if you sync to state internal to masquerading with an fwmark.
Seems, your "lsrc" is just a second fwmark.