I have to change the ISP network from static to dynamic using OSPF, and one of his requirements is that not every router in the network have to know each other by that they mean appear in the route list.

I have try with stub and nssa areas with no success, i'm still a novice in OSPF so i don't really know if what they need me to do is actually possible or not.

I have attached a mini version of the network as an example

What i need to know if can i discard the 10.2.0.0/24 network on MUTIS, China and PALO?
Also can Recta discard the 10.5.0.0/24 network ?
All of this while OFICINA and VH still have the entire network in his route list

I have been able to do one of does at a time but can't do the 3 at the same time. I also saw that you can just filter the route and have everything as a default area but they told to try first if i can do it without needing to just filter the route

I would greatly appreciate if you can tell me if this is actually possible or I'm just trying to do something impossible in OSPF
Thank you!

PD: Sorry for my bad english.

A couple of observations that might help:

1) OSPF has a strict area hierarchy where a backbone area (area 0) borders all additional areas. The link topology may not be, but the areas must be hub-and-spoke. The exceptions to this (virtual links) aren’t generally considered good practice in greenfield designs unless you have a very specific problem you are trying to solve or are trying to heal an area partition in an emergency.

The upshot of this is that in your example topology, areas 1 and 2 cannot have a backdoor link (10.3.0.0) at least within one instance of the protocol. It’s been a while since I’ve tested what happens but I seem to remember that they won’t form an adjacency between two non-zero areas to prevent it.

2) Unless you have a ton of routers, multi-area OSPF usually isn’t worth the complexity with contemporary router CPU/memory resources.

3) Can you describe more of the reasoning behind why you want to hide routes from the table? Am I correct to understand that you are running OSPF with an upstream ISP?

If that is the case, you may want to consider asking the provider to run BGP with you. Running OSPF across administrative boundaries is usually inadvisable and BGP gives you a lot more tools to control route policy with.

In that case you could run a simple, single-area OSPF instance in your network with no topology hiding and then separately originate in BGP the prefixes your upstream provider wants. Your AS-border router(s) can then originate a default into OSPF.

Hi eduplant, sorry for the late reply.

About your first observation you are absolutely right, can't believe I didn't saw that earlier that the 10.3.0.0 link is between non-zero areas. I will take that in consideration in a redesign of the topology.

On your second observation, I also think a single area OSPF will be better since the complete topology has about 20 routers. But my boss told me that he wants it like that because that way each area will resemble a different geographic zone of the topology.

And about your last observation the ISP is more like a tier 3 ISP, they only provide internet access to the entire state. And the reasoning they want to hide/filter the routes from the table is because they think it is unnecessary for all the routers to know the entire network and they want each router (except the one called OFICINA) to only know the routes that get them to the router OFICINA.

For example, they think it isn’t necessary for the router RECTA to know anything about the GREEN area.

Also, I think asking them about trying BGP instead of OSPF is a great idea.

PD: I hope the way I’m explaining myself actually makes sense, I try to use google translate to make it more readable this time.

Your reply makes sense to me. Are your ISP links pictured or is this only your internal topology? If this is your internal topology, where do the provider uplinks come in?

Running BGP rather than OSPF with another provider (or anyone outside of the administrative control of your organization) is always preferable. Still, if you have a lot of sites and a lot of uplinks to your ISP, I would want to give reasonable advise about how to configure BGP for that situation, too.

OSPF doesn't scale. Because OSPF is designed to be a fast convergence, link-state protocol. It's not designed to be a policy shaping routing protocol like BGP.

There are a few guys out there in the market who builds ISP networks using a combination of eBGP and iBGP inspired by this:
https://www.rfc-editor.org/rfc/rfc7938.html

You should reach out to consultants IMO.

OSPF/is-is is is still used but only for learning loopbacks over which the BGP peers. BFD is used extensively as far to improve convergence.

Hello eduplant and DarkNate.

Yes, this is only the internal topology. The provider uplinks will come through the router called "OFICINA".

I would show you the entire topology but I don't want to get in any trouble with the company, but I can say that the part of it that they want me to implement OSPF consist of 18 routers + 4 SW. Also, by a lot of sites do you mean more routers or IP's? Because I saw that all of those 18 routers have lots of more connections to other routers that are more or less tertiary so they will be left out of the implementation.

Also, I saw that the router with the provider uplink is the only one that has a BGP session, maybe I could tell them to build from that one and implement BGP in the entire topology?

Also thank you DarkNate for the link you provided me, it will be really useful is they end up accepting the BGP implementation. I know a consultant in the area maybe I could ask him too.

One more thing do you think is it actually worth implement OSPF in the network with that quantity of routers even if every router knows about each other and does not filter routes like the want it?

Thank you both for your comments, I will have a reunion with my boss to see what he thinks about what you told me and how does he want to proceed.

One more thing do you think is it actually worth implement OSPF in the network with that quantity of routers even if every router knows about each other and does not filter routes like the want it?

I've designed a lot of ISP networks using eBGP/iBGP in conjunction with OSPF/is-is. This is what I do:
For any upstream/downstream device relationship, we use eBGP only, directly peer on PtP IPs.
For any adjacency relationship (example, BNG<>BNG, P<>P, PE<>PE), we use OSPF to learn loopbacks of all adjacency peers, and THEN, configure iBGP over loopbacks.

The author of the Edge/BNG guide below is one of the guys I've seen who does eBGP/iBGP designs, maybe speak with him:
viewtopic.php?t=176358#p864371

I think I might have gotten confused during your follow-up explanation.

You mentioned that there are already ISP uplinks at the OFCINA router which are using BGP. Where is the part in which you are moving from static routing to OSPF? Do you have an ISP providing transport for the internal connections in your network?

DarkNate's advice aligns with what I would typically suggest but I don't know exactly what part of your network we're redesigning here. If there is a provider in the middle of your network from a transport perspective, I would also consider whether you can get a layer-2 service from them. That way you can treat their network as just a circuit and run the protocols that suit you over top of them. Running OSPF or even BGP with as opposed to over the provider to reach your own sites may not be worth the extra complexity.

I think I might have gotten confused during your follow-up explanation.

You mentioned that there are already ISP uplinks at the OFCINA router which are using BGP. Where is the part in which you are moving from static routing to OSPF? Do you have an ISP providing transport for the internal connections in your network?

DarkNate's advice aligns with what I would typically suggest but I don't know exactly what part of your network we're redesigning here. If there is a provider in the middle of your network from a transport perspective, I would also consider whether you can get a layer-2 service from them. That way you can treat their network as just a circuit and run the protocols that suit you over top of them. Running OSPF or even BGP with as opposed to over the provider to reach your own sites may not be worth the extra complexity.

This requires professional consultancy, who needs to evaluate your business budget, scale, scope, existing network design, transport provider available, transport type, network equipment, number of sites etc.

Nobody in MikroTik forum can give you free network design consultancy.

This requires professional consultancy, who needs to evaluate your business budget, scale, scope, existing network design, transport provider available, transport type, network equipment, number of sites etc.

Certainly. I'm personally always glad to engage in a design discussion about a specific problem your network has, but mostly as an academic exercise and to give you something to think about. The advice is free and worth about as much

When you need specific and actionable advice that you can rely on, there's no substitute for getting a consultant.

Hello eduplant and DarkNate, sorry for the late reply.

I have talked with my boss about all of the advices you have told me and we are doing a re-evaluation of the project to see how could we implement BGP as a whole in the network.

I really have to thank you for all the help you have provided me. I have studied most of information in the links you gave me and it really helped me understand better BGP, and in case we end up using it, it will be really helpful.

I have also entered in contact with a consultant as you guys told me.

Mark topic as solved. Good luck.