I have run into a OSPF static route distribution problem. We have 3 mikrotik routers (running 6.45.6) locate in 3 locations: HQ (192.168.0.0/24), Office A (192.168.1.0/24) and Office B (192.168.2.0/24). HQ have some static routes. Most of the routes are opened to branch offices via OSPF with ‘Redistrubute static routes’ enabled . But for security reasons, we want to disclose selective subnets routing information to designated branches instead of disclose to all. We tried to block some subnets (say 192.168.11.0/24, locate at HQ) distribution using routing filter ospf-out at HQ router. Once we applied the filter, subnet 192.168.11.0/24 routing information was removed from both Office A and Office B routing table. Our problem is how to distribution 192.168.11.0/24 information to Office A only via OSPF.
Anyone has idea how to do this? Thx in advance for your help.
Hi, if you want to keep it at OSPF, I’ll use a new area solution, so each branch office is a different area and your HQ is at backbone area (0.0.0.0), and you can use some area-range commands to summarize LSAs from backbone area to any remote areas, and also those new areas may be a stub or nssa area, it really depends on your design and requirements.
Easiest solution will always be using OSPF as IGP only (for fast convergence and load balancing) while iBGP as your EGP for default-route and any other subnets at your network.