How does strongSwan route?
When racoon was used in previous versions of pfSense, and you had a supernet (e.g. 10.0.0.0/16) in the IPsec, and you had a local network in that range (e.g. 10.0.10.0/24) locally, pfSense sent the traffic over the IPsec link instead of the Link-local.
How is this handled now with newer pfSense versions and strongSwan?
It still works the same way, except there is a bypass for the LAN network itself.
Otherwise it still matches based on the contents of the SPD table (Status > IPsec, SPD tab). If a connection matches the SPD table entries, it's put into IPsec. There is no "routing" in the classical sense.
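The selector matching described in the answer, as an added Python sketch that is not part of the original thread and is not pfSense or strongSwan code. It is a simplified model: the policy list, the first-match ordering with the LAN bypass ahead of the tunnel policy, and the second local subnet 10.0.20.0/24 are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Policy:
    src: str     # source selector (CIDR)
    dst: str     # destination selector (CIDR)
    action: str  # "bypass" (leave in the clear) or "ipsec" (send into the tunnel)

    def matches(self, src_ip, dst_ip):
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst))


# Constructed SPD: the LAN bypass first, then the supernet tunnel policy
# from the question (LAN 10.0.10.0/24, remote selector 10.0.0.0/16).
SPD = [
    Policy("10.0.10.0/24", "10.0.10.0/24", "bypass"),
    Policy("10.0.10.0/24", "10.0.0.0/16", "ipsec"),
]


def decide(src_ip, dst_ip, spd=SPD):
    """Return the action of the first matching policy, else fall back to routing."""
    for policy in spd:
        if policy.matches(src_ip, dst_ip):
            return policy.action
    return "route"  # no SPD match: the normal routing table applies


def shadowed_local_nets(local_nets, spd=SPD):
    """List locally attached networks whose traffic an IPsec policy would capture.

    Only destination selectors are compared here (a simplification).
    """
    shadowed = []
    for net in map(ipaddress.ip_network, local_nets):
        for policy in spd:
            if net.subnet_of(ipaddress.ip_network(policy.dst)):
                if policy.action == "ipsec":
                    shadowed.append(str(net))
                break  # first covering policy decides
    return shadowed


if __name__ == "__main__":
    print(decide("10.0.10.5", "10.0.10.9"))  # stays on the LAN
    print(decide("10.0.10.5", "10.0.20.7"))  # another local subnet inside the supernet
    print(shadowed_local_nets(["10.0.10.0/24", "10.0.20.0/24", "192.168.1.0/24"]))
```

Running the same comparison against the real entries shown under Status > IPsec, SPD tab tells you which locally attached subnets fall inside a tunnel's selectors without a bypass covering them.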