<div dir="auto"><div>The problem you are going to run into is routing outbound traffic the proper way. There the solutions I can come up with are policy based routing (which doesn't seem very elegant) and VRF-lite (not sure if or how well supported it is in your device).<div dir="auto"><br></div><div dir="auto">For policy based, BGP session from corporate office over GRE to advertise your new route and route map on any interface that may receive traffic from the new network that sends internet traffic across the GRE tunnel.</div><div dir="auto"><br></div><div dir="auto">For the route map, you need an ACL that denys any local traffic then permits <a href="http://0.0.0.0/0" target="_blank" rel="noreferrer">0.0.0.0/0</a>, then use that to set the next hop to the other side of the GRE tunnel. It kind of defeats the purpose of dynamic routing.</div><div dir="auto"><br></div><div dir="auto">If the corporate device supports VRF-lite, you could create a vrf for that network, peer it with the datacenter via GRE for a default route, and peer it with the default vrf for local routes. Read the docs, though... you often lose a lot of functionality on an interface that has a VRF on Brocade devices.<br><div dir="auto"><br></div><div dir="auto">-- </div><div dir="auto">Eldon</div></div><br><br><div class="gmail_quote"><div dir="ltr">On Fri, Jun 15, 2018, 08:16 Derek Maxwell <<a href="mailto:derek.maxwell@chosentechgroup.com" target="_blank" rel="noreferrer">derek.maxwell@chosentechgroup.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div id="m_8659614982650058516m_4237528375634306216divtagdefaultwrapper" style="font-size:12pt;color:#000000;font-family:Calibri,Helvetica,sans-serif" dir="ltr">
<p style="margin-top:0;margin-bottom:0">Note to the list - one of our vendors pointed out that I made an error - the equipment at the corporate end is actually a FCX-648 with the Premium license.
<br style="font-family:Calibri,Helvetica,sans-serif,serif,EmojiFont;font-size:16px">
</p>
<div id="m_8659614982650058516m_4237528375634306216Signature">
<div id="m_8659614982650058516m_4237528375634306216divtagdefaultwrapper" dir="ltr" style="font-size:12pt;color:rgb(0,0,0);font-family:Calibri,Helvetica,sans-serif,"EmojiFont","Apple Color Emoji","Segoe UI Emoji",NotoColorEmoji,"Segoe UI Symbol","Android Emoji",EmojiSymbols">
<p></p>
<p style="font-family:Calibri,Helvetica,sans-serif,serif,EmojiFont;font-size:16px">
</p>
<span id="m_8659614982650058516m_4237528375634306216ms-rterangepaste-end"></span><br>
<p></p>
</div>
</div>
<br>
<div style="color:rgb(0,0,0)">
<hr style="display:inline-block;width:98%">
<div id="m_8659614982650058516m_4237528375634306216divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, sans-serif" color="#000000"><b>From:</b> foundry-nsp <<a href="mailto:foundry-nsp-bounces@puck.nether.net" rel="noreferrer noreferrer" target="_blank">foundry-nsp-bounces@puck.nether.net</a>> on behalf of Derek Maxwell <<a href="mailto:derek.maxwell@chosentechgroup.com" rel="noreferrer noreferrer" target="_blank">derek.maxwell@chosentechgroup.com</a>><br>
<b>Sent:</b> Thursday, June 14, 2018 7:55 PM<br>
<b>To:</b> <a href="mailto:foundry-nsp@puck.nether.net" rel="noreferrer noreferrer" target="_blank">foundry-nsp@puck.nether.net</a><br>
<b>Subject:</b> [f-nsp] GRE Tunnel - Foundry RX-4 to FESX-648 PREM over Public Internet</font>
<div> </div>
</div>
<div dir="ltr">
<div id="m_8659614982650058516m_4237528375634306216x_divtagdefaultwrapper" dir="ltr" style="font-size:12pt;color:#000000;font-family:Calibri,Helvetica,sans-serif">
<p style="margin-top:0;margin-bottom:0">Not sure if this is possible, but curious if anyone has any ideas for the config.</p>
<p style="margin-top:0;margin-bottom:0"><br>
</p>
<p style="margin-top:0;margin-bottom:0">We have a few /24s that we announce in our datacenter over BGP (Foundry RX-4)</p>
<p style="margin-top:0;margin-bottom:0"><br>
We have a statically routed /28 from AT&T at our corporate office (FESX-648 PREM as a Layer 3 switch)<br>
</p>
<p style="margin-top:0;margin-bottom:0"><br>
Due to an IP address shortage, we need to route back a /28 carved out of our datacenter IP address space to the corporate office. I know this is doable via a GRE tunnel, but not sure where to start with a config.
<br>
</p>
<p style="margin-top:0;margin-bottom:0"><br>
</p>
<p style="margin-top:0;margin-bottom:0">Any suggestions on execution for this scenario, or am I wrong that it will work?
<br>
</p>
<p style="margin-top:0;margin-bottom:0"><br>
</p>
<p style="margin-top:0;margin-bottom:0">--Derek Maxwell</p>
<p style="margin-top:0;margin-bottom:0">Chosen Technology Group / Chosen Payments<br>
</p>
<div id="m_8659614982650058516m_4237528375634306216x_Signature">
<div id="m_8659614982650058516m_4237528375634306216x_divtagdefaultwrapper" dir="ltr" style="font-size:12pt;color:rgb(0,0,0);font-family:Calibri,Helvetica,sans-serif,"EmojiFont","Apple Color Emoji","Segoe UI Emoji",NotoColorEmoji,"Segoe UI Symbol","Android Emoji",EmojiSymbols">
<table class="m_8659614982650058516m_4237528375634306216x_x_x_x_MsoNormalTable" style="font-size:16px;font-family:wf_segoe-ui_normal,"Segoe UI","Segoe WP",Tahoma,Arial,sans-serif,serif,EmojiFont;border-collapse:collapse" cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr>
<td style="width:330.35pt;padding:0in 5.4pt" width="440"><br>
</td>
<td style="width:120pt;padding:0in 5.4pt" width="160"><br>
</td>
<td style="width:2.5in;border-top:none;border-right:none;border-bottom:none;border-left:3pt solid rgb(158,109,46);padding:0in 5.4pt" width="240">
<br>
</td>
</tr>
</tbody>
</table>
<br style="font-family:Calibri,Helvetica,sans-serif,serif,EmojiFont;font-size:16px">
<p></p>
<p style="font-family:Calibri,Helvetica,sans-serif,serif,EmojiFont;font-size:16px">
</p>
<span id="m_8659614982650058516m_4237528375634306216x_ms-rterangepaste-end"></span><br>
<p></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
_______________________________________________<br>
foundry-nsp mailing list<br>
<a href="mailto:foundry-nsp@puck.nether.net" rel="noreferrer noreferrer" target="_blank">foundry-nsp@puck.nether.net</a><br>
<a href="http://puck.nether.net/mailman/listinfo/foundry-nsp" rel="noreferrer noreferrer noreferrer" target="_blank">http://puck.nether.net/mailman/listinfo/foundry-nsp</a><br>
</blockquote></div></div></div>