Adding ip rules for multi table systems


When running multiple internet connections from the same router the way to allow the use of both interfaces at the same time is to create a new routing table (which Vyos makes very easy - set protocols static table …) then creating to and from rules for each interface using ip rule:
ip rule add from table 2
ip rule add to table 2

The above is much the same as in this thread:
however I tried the suggested solution and did not find it effective. So my thought is to script in specific adding of rules using “ip rule” rather than relying on iptables configuration through

I could just script this in somewhere in a hacky fashion but I really don’t want to, I’d rather add it to the current vyatta-cfg tree so that it can be configured in a standard way.
So my question is - where would you add such config items?

My first thought was in:

policy {
    route intf-route {
        rule 10 {
            set {
                table 2
            source {
                /* Would need to add an interface option for source and dest so that it could pull the required IP for the rule (such as if it is assigned by dhcp or ipcp */
                interface pppoe0
            dest {
                interface pppoe0

This would make sense as what I want to do is basically policy routing.
However, the route node.def hands everything off to and would somehow need to check whether the rule should go to or to a wrapper for ip rule.

So my other thought is in the interface config with something like:

         pppoe 0 {
             default-route auto
             firewall {
                 local {
                     name SSH_PROTECT
             mtu 1492
             password Password
             /* Here: */
             rule {
             user-id username

but that feels too non-standard or illogical. It would make more sense just to have it in policy{} then use

policy {
      route intf-route

in the interface.

Should I put the work into making policy routes launch a wrapper script for ‘ip rule’ when appropriate and other times (or even add an ‘ip rule’ wrapper function into, then figure out when to call it), or can someone think of a better way?