Add a Device Profile
A device profile defines global configuration elements that are added to the device during onboarding. The configuration elements include hostname, IP address of the loopback, router ID, AS number, and protocols such as BGP and PCEP.
We recommend that you create some device profiles with configurations that can be applied to all the devices in a network implementation plan and some profiles with device-specific configurations.
Before you create device profiles, ensure that you have the required network resource pools (for example, IP addresses and BGP cluster IDs) configured in Paragon Automation. If you configure Paragon Automation to assign values for network resources (loopback addresses, IPv4 addresses, BGP cluster IDs, and so on), Paragon Automation uses the network resource pools to assign the values. See Add Network Resource Pools and Profiles (Day -2 Activities). for details.
To add a device profile to Paragon Automation:
Field | Description |
---|---|
General | |
Upload JSON File |
Click Browse to upload a pre-created device profile in the JSON file format. The values in the pre-created device profile are automatically populated in the Create Device Profile page. Click the Download this form into JSON file link to download and to save the profile in its current state (for example, when you want to save the current configured values for later reference or for maintaining a record). |
Profile Name |
Enter a name for the device profile. The profile name can contain alphanumeric characters and some special characters [hyphen (-), underscore (_), period (.), and colon (:)] and cannot exceed 64 characters. |
Plan Name |
Enter a name for the network implementation plan in which you want to use this profile. You can use the device profile only in the network implementation plan that you enter here. A network implementation plan with the name you enter here is auto-generated and listed on the Network Implementation Plan page (Inventory > Device Onboarding > Network Implementation Plan). The plan name can contain alphanumeric characters and some special characters [hyphen (-) and period (.)] and cannot exceed 64 characters. |
Configuration Template |
Select one or more configuration templates that you want to include in the profile. Use configuration templates to configure parameters that you cannot define in the profile or plan. All the configuration templates present in the organization are listed here. Note:
The configurations in the configuration template can be applied only during onboarding. Any changes to the configurations made after the device is onboarded are not applied to the device. |
Device Labels |
Select one or more device labels from the drop-down list. The labels that you select here are associated with the devices to which you assign this profile. You can use the labels to refer to the device in various contexts. For example, if you assign the label PE for provider edge devices, you can use the label to filter all PE devices present in your network. You can also click the + Add new label link to add a new label to the profile, in the Add New Label page. The name of the label can contain alphanumeric characters and some special characters [hyphen (-) and period (.)] and cannot exceed 64 characters. See Add Labels. |
Software Image |
Select the software image to be installed on the device. During device onboarding, Paragon Automation checks whether the software version installed on the device matches the version you enter here. If the software version does not match, the software version that you specify here is installed on the device. You can view the images that are uploaded to Paragon Automation here. |
Autonomous System |
Enter the ID or number of the AS to which you want to assign the device. Range: 1 through 4,199,999,999 |
Trust |
Click to enable (default) or disable Paragon Automation to run compliance scans on the device for assessing the integrity and potential vulnerabilities on the device and to calculate compliance score for the device. The compliance score of a device indicates compliance of the device with the rules defined in the Center for Internet Security (CIS) benchmarks. |
Router ID |
Click to enable or disable (default) automatic router ID configuration on a device during device onboarding. If you enable automatic router ID configuration, the IPv4 loopback address of the device is used as the router ID. |
IPv4 Loopback Address |
Click to enable or disable (default) automatic IPv4 loopback address configuration on the device. If you enable automatic IPv4 loopback address configuration, Paragon Automation assigns the IPv4 loopback address automatically from the IPv4 address resource pool. For automatic configuration of IPv4 loopback address, you must have IPv4 loopback address resource pools uploaded to Paragon Automation. Otherwise, the IPv4 loopback address is not assigned to the device and device onboarding fails. See Add Network Resource Pools for adding information about resources pools. If you disable this option, you can configure the loopback address when you add devices to a network implementation plan. |
ISO Network Address |
Click to enable or disable (default) IS-IS protocol configuration on the device. If you enable ISO Network Address, configure the area ID and system ID. |
Area ID |
Enter the area ID to be assigned to the device for IS-IS protocol configuration. Range: 01 through 99 |
System ID |
Click to enable (default) or disable auto-generation of a system ID for IS-IS protocol configuration. If you choose to auto-generate the system ID, the value assigned is usually the host part of the device’s IP4 loopback address in the binary-coded decimal (BCD) format. For automatic configuration of System ID, you must have IPv4 loopback address resource pools uploaded to Paragon Automation. Otherwise, the System ID is not assigned to the device and device onboarding fails. See Add Network Resource Pools for information about adding resources pools. If you explicitly specify the system ID, we recommend that you use the IPv4 loopback address represented in the BCD format. For example, if the loopback address is 192.168.1.77, the system ID should be 1921.6800.1077. |
Routing Protocols | |
BGP |
Click to enable or disable (default) BGP configuration on the device. If you enable BGP configuration, add an internal or external BGP peer group for the device. For information about the configurable fields to add a BGP group, See Table 2. You can also edit and delete BGP peer groups of a device from here. |
PCEP |
Click to enable or disable (default) path computation element protocol (PCEP) configuration on a device. If you enable PCEP, configure the IPv4 path computation element (PCE) address in your network. |
PCE Address |
IPv4 address of the PCE in your network. |
Traffic Engineering |
Click to enable or disable (default) traffic engineering (TE) configuration on your device. If you enable TE, add tunnels [label-switched paths (LSPs)] for TE. See Table 3. You can also edit and delete tunnels from here. Note:
If you configure tunnels, you must configure RSVP in an interface profile and apply the interface profile to a device to which you apply this device profile. |
Segment Routing |
Click to enable or disable (default) segment routing configuration on a device. If you enable segment routing, configure start label and index range for the OSPF and IS-IS protocols, and the node segment identifier (SID) (referred to as IPv4 index) for a device. |
OSPF | |
Start Label |
Enter a start label for the segment routing label block. This label is advertised using the OSPF protocol. Range: 16 through 1,048,575 |
Index Range |
Enter the range of label values that you want to use as the SID for a device. Range: 32 through 1,048,559 |
ISIS | |
Start Label |
Enter a start label for the segment routing label block. This label is advertised using the IS-IS protocol. Range: 16 through 1,048,575 |
Index Range |
Enter the range of label values that you want to use as SID for a device. Range: 32 through 1,048,559 |
IPv4 Index |
Click to enable or disable (default) the automatic configuration of the IPv4 node SID for segment routing. For automatic configuration of IPv4 index, you must have the segment identifier resource pools uploaded to Paragon Automation. Otherwise, the IPv4 index is not assigned to the device and the device onboarding process fails. See Add Network Resource Pools for information about adding resources pools. |
Active Assurance | |
Edge Devices |
Click to enable or disable (default) the test agents installed on ACX routers and x86 platforms to run connectivity test to the edge devices in your network. If you enable running connectivity tests to the edge devices, configure the labels and IPv4 addresses of the edge devices. |
Device Labels |
Select the device labels for edge devices. Test agents run connectivity tests to all devices that share the device label. |
Addresses |
Enter the IPv4 addresses of edge devices to which test agents on the device run connectivity tests. |
Internet Endpoints |
Click to enable or disable (default) the test agents that are installed on devices to run connectivity tests to the Internet endpoints such as Web servers and DNS servers in your network. If you enable running connectivity tests to the Internet endpoints, you must configure the endpoints for the connectivity test. |
Endpoints |
Click + to add Internet Endpoints for connectivity checks. Configure the following:
Click the check mark to save the endpoints. |
DNS Server |
Enter the IPv4 address of the internal or external DNS server to which the test agent runs a ping connectivity test. |
Cloud Providers |
Click to enable or disable (default) the test agents installed on devices from running connectivity tests to hosts in the Cloud Provider's network. If you enable running connectivity tests to the cloud provider endpoints, you must configure the cloud provider endpoints. |
Select cloud providers |
Configure the parameters to check connectivity from a device to the cloud provider network. To configure connectivity tests to cloud provider endpoints:
|
Field | Description |
---|---|
Name |
Enter a name for the BGP peer group of the device. The name can contain alphanumeric characters and some special characters [hyphen (-), underscore (_), period (.), and colon (:)] and cannot exceed 64 characters. |
Type |
Select a type of BGP peer group for the device:
|
Peer AS |
Enter the AS number of the device's BGP peer groups. The value can range from 1 to 4,199,999,999. |
Address Family |
Select one or more IP address families from the drop-down list that a device can support for BGP sessions with peers. |
BGP Link State | |
Originator |
Click to enable or disable (default) the BGP peer group as the source for BGP-LS information. If you enable this option, the devices in this group provide the BGP link state information to Paragon Automation. |
Neighbors | |
Device Labels |
Select one or more labels of devices that belong to the BGP peer group. All devices that share the label you enter here become part of the peer group. Note:
For specifying a single device as a BGP neighbor, you can provide either the device label or IPv4 address. For specifying multiple devices as a BGP neighbor, you can use a combination of both device labels and IPv4 addresses. We recommend that you use labels for specifying BGP neighbors as one label can represent multiple devices. |
Addresses |
Enter the IPv4 address (in dotted decimal notation) of the devices that you want to add in the BGP peer group. For example, 10.2.3.4. Note:
For specifying a single device as a BGP neighbor, you can provide either the device label or IPv4 address. For specifying multiple devices as a BGP neighbor, you can use a combination of both device labels and IPv4 addresses. |
Route Reflector | |
Cluster |
Select one or more BGP cluster IDs to which you want to assign the devices from the BGP peer group. Click the Manage Clusters link to add, modify, or delete BGP clusters. To add a BGP cluster:
|
Field | Description |
---|---|
Name |
Enter a name for the tunnel. The name can contain alphanumeric characters and some special characters [hyphen (-), underscore (_), period (.), and colon (:)] and cannot exceed 64 characters. |
Protection |
Select the type of protection you want to configure for the tunnel:
|
Destination | |
Device Labels |
Select the labels of the devices where you want the tunnel to end. Note:
You need to provide either the device label or IPv4 address for the tunnel destination. We recommend that you use labels to specify devices for tunnel destination. |
Addresses |
Enter the IP addresses of the devices where you want the tunnel to end. Note:
You need to provide either the device label or IPv4 address for the tunnel destination. |
Bandwidth | |
Bandwidth |
Click to enable (default) or disable the automatic configuration (static configuration) of the tunnel bandwidth. If you disable auto configuration (static), specify the tunnel bandwidth in Kbps, Mbps, or Gbps. For example, 5 Mbps. |