Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Add a Device Profile

A device profile defines global configuration elements that are added to the device during onboarding. The configuration elements include hostname, IP address of the loopback, router ID, AS number, and protocols such as BGP and PCEP.

We recommend that you create some device profiles with configurations that can be applied to all the devices in a network implementation plan and some profiles with device-specific configurations.

Before you create device profiles, ensure that you have the required network resource pools (for example, IP addresses and BGP cluster IDs) configured in Paragon Automation. If you configure Paragon Automation to assign values for network resources (loopback addresses, IPv4 addresses, BGP cluster IDs, and so on), Paragon Automation uses the network resource pools to assign the values. See Add Network Resource Pools and Profiles (Day -2 Activities). for details.

To add a device profile to Paragon Automation:

  1. Navigate to Inventory > Device and Interface Profiles.
    The Device and Interface Profiles page appears.
  2. Click Add > Device Profile to create a device profile.
    The Create Device Profile page appears.
  3. Enter values by referring to Table 1.
  4. Click Save to save the profile.
    You can view the profile listed on the Device and Interface Profiles page.
Table 1: Fields on the Create Device Profile Page
Field Description
General
Upload JSON File

Click Browse to upload a pre-created device profile in the JSON file format. The values in the pre-created device profile are automatically populated in the Create Device Profile page.

Click the Download this form into JSON file link to download and to save the profile in its current state (for example, when you want to save the current configured values for later reference or for maintaining a record).

Profile Name

Enter a name for the device profile.

The profile name can contain alphanumeric characters and some special characters [hyphen (-), underscore (_), period (.), and colon (:)] and cannot exceed 64 characters.

Plan Name

Enter a name for the network implementation plan in which you want to use this profile. You can use the device profile only in the network implementation plan that you enter here. A network implementation plan with the name you enter here is auto-generated and listed on the Network Implementation Plan page (Inventory > Device Onboarding > Network Implementation Plan).

The plan name can contain alphanumeric characters and some special characters [hyphen (-) and period (.)] and cannot exceed 64 characters.

Configuration Template

Select one or more configuration templates that you want to include in the profile.

Use configuration templates to configure parameters that you cannot define in the profile or plan.

All the configuration templates present in the organization are listed here.

Note:

The configurations in the configuration template can be applied only during onboarding. Any changes to the configurations made after the device is onboarded are not applied to the device.

Device Labels

Select one or more device labels from the drop-down list. The labels that you select here are associated with the devices to which you assign this profile. You can use the labels to refer to the device in various contexts. For example, if you assign the label PE for provider edge devices, you can use the label to filter all PE devices present in your network.

You can also click the + Add new label link to add a new label to the profile, in the Add New Label page. The name of the label can contain alphanumeric characters and some special characters [hyphen (-) and period (.)] and cannot exceed 64 characters. See Add Labels.

Software Image

Select the software image to be installed on the device. During device onboarding, Paragon Automation checks whether the software version installed on the device matches the version you enter here. If the software version does not match, the software version that you specify here is installed on the device.

You can view the images that are uploaded to Paragon Automation here.

Autonomous System

Enter the ID or number of the AS to which you want to assign the device.

Range: 1 through 4,199,999,999

Trust

Click to enable (default) or disable Paragon Automation to run compliance scans on the device for assessing the integrity and potential vulnerabilities on the device and to calculate compliance score for the device.

The compliance score of a device indicates compliance of the device with the rules defined in the Center for Internet Security (CIS) benchmarks.

Router ID

Click to enable or disable (default) automatic router ID configuration on a device during device onboarding.

If you enable automatic router ID configuration, the IPv4 loopback address of the device is used as the router ID.

IPv4 Loopback Address

Click to enable or disable (default) automatic IPv4 loopback address configuration on the device.

If you enable automatic IPv4 loopback address configuration, Paragon Automation assigns the IPv4 loopback address automatically from the IPv4 address resource pool.

For automatic configuration of IPv4 loopback address, you must have IPv4 loopback address resource pools uploaded to Paragon Automation. Otherwise, the IPv4 loopback address is not assigned to the device and device onboarding fails. See Add Network Resource Pools for adding information about resources pools.

If you disable this option, you can configure the loopback address when you add devices to a network implementation plan.

ISO Network Address

Click to enable or disable (default) IS-IS protocol configuration on the device.

If you enable ISO Network Address, configure the area ID and system ID.

Area ID

Enter the area ID to be assigned to the device for IS-IS protocol configuration.

Range: 01 through 99

System ID

Click to enable (default) or disable auto-generation of a system ID for IS-IS protocol configuration.

If you choose to auto-generate the system ID, the value assigned is usually the host part of the device’s IP4 loopback address in the binary-coded decimal (BCD) format.

For automatic configuration of System ID, you must have IPv4 loopback address resource pools uploaded to Paragon Automation. Otherwise, the System ID is not assigned to the device and device onboarding fails. See Add Network Resource Pools for information about adding resources pools.

If you explicitly specify the system ID, we recommend that you use the IPv4 loopback address represented in the BCD format. For example, if the loopback address is 192.168.1.77, the system ID should be 1921.6800.1077.

Routing Protocols
BGP

Click to enable or disable (default) BGP configuration on the device. If you enable BGP configuration, add an internal or external BGP peer group for the device. For information about the configurable fields to add a BGP group, See Table 2.

You can also edit and delete BGP peer groups of a device from here.

PCEP

Click to enable or disable (default) path computation element protocol (PCEP) configuration on a device.

If you enable PCEP, configure the IPv4 path computation element (PCE) address in your network.

PCE Address

IPv4 address of the PCE in your network.

Traffic Engineering

Click to enable or disable (default) traffic engineering (TE) configuration on your device.

If you enable TE, add tunnels [label-switched paths (LSPs)] for TE. See Table 3.

You can also edit and delete tunnels from here.

Note:

If you configure tunnels, you must configure RSVP in an interface profile and apply the interface profile to a device to which you apply this device profile.

Segment Routing

Click to enable or disable (default) segment routing configuration on a device.

If you enable segment routing, configure start label and index range for the OSPF and IS-IS protocols, and the node segment identifier (SID) (referred to as IPv4 index) for a device.

OSPF
Start Label

Enter a start label for the segment routing label block. This label is advertised using the OSPF protocol.

Range: 16 through 1,048,575

Index Range

Enter the range of label values that you want to use as the SID for a device.

Range: 32 through 1,048,559

ISIS
Start Label

Enter a start label for the segment routing label block. This label is advertised using the IS-IS protocol.

Range: 16 through 1,048,575

Index Range

Enter the range of label values that you want to use as SID for a device.

Range: 32 through 1,048,559

IPv4 Index

Click to enable or disable (default) the automatic configuration of the IPv4 node SID for segment routing.

For automatic configuration of IPv4 index, you must have the segment identifier resource pools uploaded to Paragon Automation. Otherwise, the IPv4 index is not assigned to the device and the device onboarding process fails. See Add Network Resource Pools for information about adding resources pools.

Active Assurance
Edge Devices

Click to enable or disable (default) the test agents installed on ACX routers and x86 platforms to run connectivity test to the edge devices in your network.

If you enable running connectivity tests to the edge devices, configure the labels and IPv4 addresses of the edge devices.

Device Labels

Select the device labels for edge devices. Test agents run connectivity tests to all devices that share the device label.

Addresses

Enter the IPv4 addresses of edge devices to which test agents on the device run connectivity tests.

Internet Endpoints

Click to enable or disable (default) the test agents that are installed on devices to run connectivity tests to the Internet endpoints such as Web servers and DNS servers in your network.

If you enable running connectivity tests to the Internet endpoints, you must configure the endpoints for the connectivity test.

Endpoints

Click + to add Internet Endpoints for connectivity checks. Configure the following:

  • Name—Enter the name of the Internet endpoint server.

  • URL—Enter the URL of the Internet endpoint server in host[:port]/[path] format. For example, www.example.com/v1.

  • Click Add common endpoints to select common endpoints from the list.

Click the check mark to save the endpoints.

DNS Server

Enter the IPv4 address of the internal or external DNS server to which the test agent runs a ping connectivity test.

Cloud Providers

Click to enable or disable (default) the test agents installed on devices from running connectivity tests to hosts in the Cloud Provider's network.

If you enable running connectivity tests to the cloud provider endpoints, you must configure the cloud provider endpoints.

Select cloud providers

Configure the parameters to check connectivity from a device to the cloud provider network. To configure connectivity tests to cloud provider endpoints:

  1. Select a cloud provider (Amazon Web Services [AWS], Microsoft Azure, or Google Cloud Platform) in the Cloud Providers list to which connectivity is to be tested.

  2. (Optional) Click Edit to change the default delay and delay variance threshold values for the selected cloud provider.

    You can edit the values as per your preference and click the check mark to save the edited values.

  3. Click Save.

    Paragon Automation runs connectivity checks to the configured cloud provider endpoints during device onboarding.

Table 2: Fields on the Add BGP Group Page
Field Description
Name

Enter a name for the BGP peer group of the device.

The name can contain alphanumeric characters and some special characters [hyphen (-), underscore (_), period (.), and colon (:)] and cannot exceed 64 characters.

Type

Select a type of BGP peer group for the device:

  • Internal (IBGP) Peer

  • External (EBGP) Peer

Peer AS

Enter the AS number of the device's BGP peer groups.

The value can range from 1 to 4,199,999,999.

Address Family

Select one or more IP address families from the drop-down list that a device can support for BGP sessions with peers.

BGP Link State
Originator

Click to enable or disable (default) the BGP peer group as the source for BGP-LS information.

If you enable this option, the devices in this group provide the BGP link state information to Paragon Automation.

Neighbors
Device Labels

Select one or more labels of devices that belong to the BGP peer group. All devices that share the label you enter here become part of the peer group.

Note:

For specifying a single device as a BGP neighbor, you can provide either the device label or IPv4 address.

For specifying multiple devices as a BGP neighbor, you can use a combination of both device labels and IPv4 addresses.

We recommend that you use labels for specifying BGP neighbors as one label can represent multiple devices.

Addresses

Enter the IPv4 address (in dotted decimal notation) of the devices that you want to add in the BGP peer group. For example, 10.2.3.4.

Note:

For specifying a single device as a BGP neighbor, you can provide either the device label or IPv4 address.

For specifying multiple devices as a BGP neighbor, you can use a combination of both device labels and IPv4 addresses.

Route Reflector
Cluster

Select one or more BGP cluster IDs to which you want to assign the devices from the BGP peer group.

Click the Manage Clusters link to add, modify, or delete BGP clusters. To add a BGP cluster:

  1. Click Manage Clusters.

    The BGP Route Reflector Clusters page appears.

  2. Click the add (+) icon.

    The Name and Cluster Identifier fields are enabled.

  3. Enter a name for the BGP cluster in the Name field.

    The name can contain alphanumeric characters and some special characters [hyphen (-), underscore (_), period (.), and colon (:)] and cannot exceed 64 characters.

  4. Enter an IP address for the BGP cluster in the Cluster Identifier field.

    Do not enter a value for the cluster ID if you want Paragon Automation to automatically assign the cluster ID.

    For automatic configuration of cluster IDs, you must have BGP cluster ID resource pools uploaded to Paragon Automation. Otherwise, the cluster IDs are not assigned to the BGP clusters, and the device onboarding fails.

Table 3: Fields on the Add Tunnel Page
Field Description
Name

Enter a name for the tunnel.

The name can contain alphanumeric characters and some special characters [hyphen (-), underscore (_), period (.), and colon (:)] and cannot exceed 64 characters.

Protection

Select the type of protection you want to configure for the tunnel:

  • none: The tunnel does not have any protection.

  • link: The links in the tunnel are protected.

  • node-link: Both the devices and the links in the tunnel are protected.

  • detour: The tunnel is protected by a secondary tunnel.

Destination
Device Labels

Select the labels of the devices where you want the tunnel to end.

Note:

You need to provide either the device label or IPv4 address for the tunnel destination.

We recommend that you use labels to specify devices for tunnel destination.

Addresses

Enter the IP addresses of the devices where you want the tunnel to end.

Note:

You need to provide either the device label or IPv4 address for the tunnel destination.

Bandwidth
Bandwidth

Click to enable (default) or disable the automatic configuration (static configuration) of the tunnel bandwidth.

If you disable auto configuration (static), specify the tunnel bandwidth in Kbps, Mbps, or Gbps. For example, 5 Mbps.