拓扑

配置

JUNOS-1

#配置接口
interfaces {em2 {unit 10 {family inet {               address 12.1.1.1/24;}}}lo0 {unit 10 {family inet {address 1.1.1.1/32;}}}
}
protocols {rip {import import-policy;group rip-group {export export-policy;neighbor em2.10 {send multicast;receive version-2;authentication-type md5;authentication-key "$9$Djkqf9Cu1Ey.Pu1REyr"; ## SECRET-DATA}                           neighbor lo0.10 {send none;receive none;}}}
}
#受3上的3.3.3.3/32 拒绝33.33.33.33/32
policy-options {policy-statement export-policy {from protocol [ direct rip ];then accept;}policy-statement import-policy {term term1 {from {route-filter 33.33.33.33/32 exact;}then reject;}term term2 {from {route-filter 2.2.2.2/32 exact;route-filter 3.3.3.3/32 exact;}then accept;}term term3 {then accept;}}
}

R2

key chain rip-md5key 1key-string cisco1interface Loopback0ip address 2.2.2.2 255.255.255.255
!
#这里JUNOS-1和R2通过认证建立连接
interface Ethernet0/0ip address 12.1.1.2 255.255.255.0ip rip authentication mode md5ip rip authentication key-chain rip-md5duplex auto
!
interface Ethernet0/1ip address 23.1.1.2 255.255.255.0duplex autorouter ripversion 2network 2.0.0.0network 12.0.0.0network 23.0.0.0no auto-summary

JUNOS-2

interfaces {em0 {unit 0 {family inet {address 192.168.56.10/24;}}}em2 {unit 20 {family inet {               address 23.1.1.3/24;}}}lo0 {unit 1 {family inet {address 3.3.3.3/32;address 33.33.33.33/32;}}}
}
protocols {rip {import import-policy;group rip-group {export policy-rip;neighbor em2.20 {send multicast;receive version-2;}neighbor lo0.1 {            send none;receive none;}}}
}
policy-options {policy-statement import-policy {term 1 {from {route-filter 1.1.1.1/32 exact;route-filter 2.2.2.2/32 exact;}then accept;}term 2 {then accept;}}policy-statement policy-rip {term 1 {from protocol [ rip direct ];then accept;                }}
}

结果