Manage Organization Settings
A superuser can configure the organization settings and do the following tasks:
-
View organization name and organization ID and modify the organization name.
-
Add, modify, and delete identity providers (IdP).
-
Add, modify, and delete custom roles.
-
Enable or disable the password policy for the organization and modify the password policy when the password policy is enabled.
-
Modify the session timeout policy for the organization.
-
Generate, edit, and delete API tokens for various roles in the organization.
-
Configure webhooks for the organization.
-
Configure device authentication.
-
Configure SNMP manager in Routing Director and the external applications to which the SNMP traps can be sent.
-
Configure LLM connector settings.
-
Configure Network Optimization settings.
To configure and to manage organization settings:
Click Settings Menu > System Settings on the banner.
The Organization Settings page appears.
Configure or modify the organization settings as needed. Refer to Table 1.
Fields marked * are mandatory.
Click Save to save the settings.
Verify that the settings are saved and close the Organization Settings page.
Table 1 describes the parameters on the Organization Settings page.
| Field | Description |
|---|---|
|
Organization Name* |
Name of the organization. You can edit the organization name here. |
|
Organization ID |
The ID for the organization. The value is auto-generated. This is a read-only field. |
|
Single Sign On (SSO) |
|
|
Identity Providers |
View identity providers configured in the organization. Add, edit, or delete the identity providers; see Manage Identity Providers. |
|
Roles |
View roles configured for SSO. Add, edit, or delete the roles; see Manage Roles. |
|
Password Policy |
Enable or disable (default) password policy. If you enable the password policy, configure the password policy parameters; see Table 2. |
|
Session Policy |
Configure the time, in minutes, after which the session with Routing Director should timeout; see Table 3. |
|
API Tokens |
Generate and view API tokens to authenticate users when they retrieve data by using REST APIs; see Manage API Tokens. |
|
Webhooks |
Webhooks enable you to get notifications when the events that you have subscribed for occur. Internet connectivity is required for Routing Director to connect to third-party applications, such as Slack. Click to enable or disable (default) webhooks. If you enable webhooks, you must select the type of events for which you want to receive notifications; see Table 4. |
|
Device Authentication |
Configure the type of authentication Routing Director must use to onboard a device:
See Manage RADIUS Server Configurations to configure RADIUS authentication. |
|
SNMP Forwarding Endpoints |
Configure Routing Director to forward SNMP traps received from Juniper devices to external applications. See Configure SNMP. |
|
SNMP Configuration |
Configure the SNMP manager to receive SNMP traps from Juniper devices and forward them to external applications. See Configure SNMP. |
|
Configure LLM Connector |
Configure the LLM Connector to facilitate the use of natural language to query network status and obtain troubleshooting information. Note: LLM Connector is a beta feature in this
release.
|
|
Network Optimization Settings |
Configure pathfinder settings to automatically reroute LSPs and to set database pruning frequency and Postgres retention period. See Table 5 and Reroute LSPs. |
| Field | Description |
|---|---|
| Enabled |
Use this option to enable the enforcement of the configured password policy for the organization. When enabled, users will be required to comply with the defined password rules, which may include:
By default, this setting is not selected, that is, password policy enforcement is not applied unless explicitly enabled. |
| Disabled |
Use this option to disable the enforcement of password policy on the organization. When selected, no password requirements (such as minimum password length) will be applied to user passwords. This option is enabled by default, that is, password policy is not enforced unless explicitly enabled. |
| Required minimum password length* |
Enter the minimum number of characters that should be present in the password of a user's account. Default is 8 characters. Range: 8 to 32 |
| Require special characters* | Click to enable (default) or disable the use of special characters in the password. By default, this option is disabled. |
| Require 2-Factor Authentication* |
Click to enable or disable two-factor authentication for users accessing the organization. By default, this option is disabled. If you enable two-factor authentication, a code is sent to an authenticator app. The code should be entered in addition to the password to access the organization. |
| Require lowercase letter | Click to enable or disable the use of one or more lowercase letters in the password. By default, this option is disabled. |
| Require uppercase letter | Click to enable or disable the use of one or more uppercase letters in the password. By default, this option is disabled. |
| Require number | Click to enable or disable (default) the use of one or more numbers in the password. By default, this option is disabled. |
| Field | Description |
|---|---|
| Session Timeout (minutes)* | Enter the number of minutes after which the session should timeout.
Default is 1440 minutes. Range: 0 to 20,160 minutes |
| Inactivity Timeout (minutes)* | Enter the number of inactive minutes after which the session should
timeout. Default is 0, indicating that the session does not time out
because of inactivity. Range: 0 to 480 minutes |
| Field | Description |
|---|---|
| Name* | Enter the name of the server or application to which notifications for subscribed events are to be sent. |
| URL* |
Enter the URL of the server or application where the notifications in the form of HTTP POST requests are to be sent when a subscribed event occurs. You must configure webhooks to enable Routing Director to send notifications to third-party applications, such as Slack, when events you have subscribed to are triggered on the managed devices. To receive webhook notifications in a format that is compatible with Slack, you need to configure an intermediary that can interact with the sending and receiving applications, in this case, Routing Director and Slack. The recommended intermediary platform is Make. For more information, see Configure Webhooks to Receive Event Notifications. |
| Secret | Enter the secret to validate that the notifications received are from valid hosts. |
| Webhook Header | |
| Header Key* | Enter a unique key that the webhook endpoint can use to authenticate the event notifications. |
| Header Value* | Enter a unique value for the key. |
| Streaming API | |
| Alerts | Click to enable or disable (default) receiving notifications when subscribed alerts are generated on the managed devices. |
| Audits | Click to enable or disable (default) receiving notifications when an organization is accessed or any setting in the organization is changed. |
| Device Status | Click to enable or disable (default) receiving notifications when the device status changes due to events such as a link going up or down, or the device getting disconnected from Routing Director, and so on. |
| Device Alarms |
Click to enable or disable (default) receiving notifications when subscribed alarms are generated on the managed devices. |
| Field | Description |
|---|---|
|
ECMP Placement Method* |
Select a placement method for equal-cost multipath (ECMP) routing.
Based on the placement method you opt, Routing Director evaluates link metrics, distributes traffic, and improves bandwidth utilization on multiple links to the same destination. |
|
Path Optimization Interval* |
Specify the interval after which Routing Director must automatically trigger path optimization. To disable automatic path optimization, enter 0 second. Range: 0 through 9 minutes (m), hours (h) or days (d). |
|
Link Utilization Threshold* |
Specify the threshold value (in percentage) for link utilization. When traffic on a link exceeds this value, Routing Director reroutes label-switched path (LSPs). If you do not specify a threshold, the LSP is not rerouted. If you specify 0, the links are blocked. Range: 0 through 100 percentage. |
|
Threshold Rerouting Interval |
Specify the minimum interval (in minutes) after which Routing Director reacts to any traffic or delay violations. If you don’t specify an interval, the label-switched path (LSP) is not rerouted in case of a violation. Range: 1 through 300 minutes |
|
Link Utilization Violation Count |
Count refers to the number of times that a violation must occur for a rerouting event to take place. Specify the count for the link utilization violation to occur. If the link utilization violation occurs consecutively and exceeds the count you have specified here, then Routing Director reacts to the link utilization violation and reroutes the label-switched path (LSP) to an alternative path that meets the link utilization criteria. If you don’t specify a count or specify the count as 0, the LSP is not rerouted in case of a violation. Ensure that you specify link utilization violation interval when specifying link utilization violation count. The violation count has higher precedence over threshold rerouting interval. Range: 1 through 255 |
|
Link Utilization Violation Interval |
Intervals refers to the time period over which consecutive violations must occur for a rerouting event to take place. Specify the interval (in minutes) for consecutive link utilization violation to occur. Routing Director reacts to the link utilization violation and reroutes the label-switched path (LSP) to an alternative path that meets the link utilization criteria if the time between two consecutive violations do not exceed the time that you have specified here. If you don’t specify the interval or specify the interval as 0, Routing Director will not reroute LSP in case of a violation. Ensure that you specify link utilization violation count when specifying link utilization violation interval. Range: 1 through 300 |
|
Tunnel Delay Violation Interval |
Intervals refers to the time period over which consecutive violations must occur for a rerouting event to take place. Specify the interval (in minutes) for consecutive tunnel delay violation to occur. Routing Director reacts to the tunnel delay violation and reroutes the label-switched path (LSP) to an alternative path that meets the link utilization criteria if the time between two consecutive violations do not exceed the time that you have specified here. If you don’t specify the interval or specify the interval as 0, the LSP is not rerouted in case of a violation. Ensure that you specify tunnel delay violation interval when specifying tunnel delay violation count. Range: 1 through 300 |
|
Tunnel Delay Violation Count |
Count refers to the number of times a violation must occur for a rerouting event to take place. Specify the count for consecutive tunnel delay violation to occur. If the tunnel delay violation occurs consecutively and exceeds the count you have specified here, then Routing Director reacts to the tunnel delay violation and reroutes the label-switched path (LSP) to an alternative path that meets the link utilization criteria. If you don’t specify a count or specify the count as 0, the LSP is not rerouted in case of a violation. Ensure that you specify tunnel delay violation interval when specifying tunnel delay violation count. The Tunnel Delay Violation Interval and Tunnel Delay Violation Count has higher precedence over Threshold Rerouting Interval. Range: 1 through 255 |
| Link Packet Loss Threshold | Specify the threshold value (in percentage) for the link packet loss. When packet loss on a link exceeds this value, Routing Director reroutes the label-switched path (LSPs). If you specify the threshold as 100, then the LSP is not rerouted. Ensure that you also specify both link packet loss violation count and link packet loss violation interval when specifying the link packet loss threshold. Range: 0 through 100 percent. |
| Link Packet Loss Violation Count | Count refers to the number of times that a violation must occur for a rerouting event to take place. Specify the count for consecutive link packet loss violations to occur. If the link packet loss violation occurs consecutively and exceeds the count you have specified here, then Routing Director reacts to the link packet loss violation and reroutes the label-switched path (LSP) to an alternative path that meets the packet loss criteria. If you do not specify a count, then the LSP is not rerouted in case of a violation. Ensure that you specify both link packet loss threshold and link packet loss violation interval when specifying the link packet loss violation count. Range: 1 through 255. |
| Link Packet Loss Violation Interval | Specify the interval (in minutes) for consecutive link packet loss violation to occur. Interval refers to the time period over which consecutive violations must occur for a rerouting event to take place. Routing Director reacts to the link packet loss violation and reroutes the label-switched path (LSP) to an alternative path that meets the packet loss criteria if the time between two consecutive violations do not exceed the time that you have specified here. If you do not specify the interval, then the Routing Director will not reroute LSP in case of a violation. Ensure that you specify both link packet loss threshold and link packet loss violation count when specifying the link packet loss violation interval. Range: 5 through 300 minutes. |
|
Interface Delay Type |
Choose the preferred interface delay type (minimum, maximum, or average). Routing director uses the chosen interface delay type to determine the best path for LSPs. The default value is average. |
|
Bandwidth Sizing |
Enable the toggle button if you want Routing Director to perform the bandwidth sizing of LSPs that are bandwidth-sizing enabled. You need to specify Adjustment Period and Statistical Function values for bandwidth sizing. |
|
Adjustment Period |
Specify the frequency [in minutes (m), hours (h), or days (d)] at which Routing Director must perform the bandwidth sizing of LSPs. Range: 15 minutes through any number of days. |
|
Statistical Function* |
Select one of the following statistical function to be applied by Routing Director to compute the new planned bandwidth for bandwidth sizing-enabled LSPs:
|
|
Container LSP Normalization |
Enable the toggle button to let Routing Director perform container normalization. Container normalization is a process where Routing Director computes new bandwidth and the required number of sub-LSPs for an existing container LSP based on the traffic across those sub-LSPs, and then provisions sub‑LSPs to apply these changes in the network. A container LSP is a logical grouping of sub-LSPs that share the properties defined in the container LSP. Routing Director dynamically adds (splits) or removes (merges) sub-LSPs based on real-time network conditions, preventing over-reservation or under-utilization of resources. |
|
Adjustment Period |
Specify the frequency [in minutes (m), hours (h), or days (d)] at which Routing Director performs container normalization. The default value is 6 hours. Range: 1 hour through any number of days. |
|
Statistical Function |
Select one of the following statistical functions for Routing Director to fetch the aggregated traffic through each sub-LSP over the interval specified in the Adjustment Period field:
|
|
Org Table Retention |
|
|
Cleanup Frequency* |
Specify how often (in days) the database pruning (clean up) must happen for your organization. Range: 1 through 10 days |
|
Simulation Reports * |
Specify the number of days that you want to retain the simulated reports for your organization. Range: 1 through 180 days |
| LSP Event History * |
Specify the number of days the LSP events must be retained. Based on the number of days you specify here, Routing Director automatically deletes records older than the configured period and retains newer events. Range: 1 through 35 days |
|
Global Settings |
|
| Packet Loss |
Click to enable (default) or disable the packet loss collection at the global level. To view the historical packet loss data for a specific link in your network, see the Link tab on the Topology page (Observability > Network > Topology > Link). For more information, see About the Link Tab. Additionally, you can also view the historical packet loss data on the Measurement Explorer page (Observability > Active Assurance > Measurement Explorer). For more information, see About the Measurement Explorer Page. |
|
Global Table Retention |
|
|
Healthcheck Reports* |
Specify the number of days that you want to retain the health check reports for all organizations in your network. Range: 1 through 180 days |