Now that my BGP announced 44.x range is up and running, I'd like to be able to make it transparently accessible for tunneled networks. I just need to double check a few things.
First, I know I'd need to run ampr-ripd on the box. I also have non-44 net addresses to use as the ipip encap endpoint. What else do I need to do? Do I need to advertise the subnet as "tunneled" in addition to direct in the portal? Anything else?
That is all you need to do. There is no need to setup policy routing ("ip rule") in this case, and also you should not add any static routes such as a default route for AMPRnet traffic. Only use the routes provided by ampr-ripd and load them into the main table. Indeed you need to check "tunneled" in the portal.
It is a desirable step for any BGP advertised subnet, not only for the echolink proxies, to do this. It will allow communication with those that are "only" on the tunnel mesh (i.e. they do not route towards internet, or do NAT when routing to internet), and it is more efficient than doing that via another gw like ampr-gw. And it is quite a simple setup. Of course you should also consider the effect on the firewall settings.
Rob