infoblox-ddi

$npx mdskill add automateyournetwork/netclaw/infoblox-ddi

Manages Infoblox DDI operations for DNS, DHCP, and IPAM validation

  • Validates DNS records, IPAM allocation, and DHCP scope usage
  • Uses Infoblox MCP API with environment variables for authentication
  • Queries network data to verify consistency with NetBox or Nautobot
  • Returns structured results for audit, reconciliation, or validation workflows

SKILL.md

.github/skills/infoblox-ddiView on GitHub ↗
---
name: infoblox-ddi
description: "Infoblox DDI operations — DNS zones/records, DHCP scopes and leases, IPAM networks and address utilization. Use when checking DNS records, validating IPAM address allocation, investigating DHCP scope exhaustion, verifying reverse DNS for network devices, or reconciling Infoblox with NetBox or Nautobot."
license: Apache-2.0
user-invocable: true
metadata:
  { "openclaw": { "requires": { "bins": ["python3"], "env": ["INFOBLOX_MCP_CMD", "INFOBLOX_URL", "INFOBLOX_API_KEY"] } } }
---

# Infoblox DDI

## MCP Server

- **Source**: `infoblox-ddi-mcp` (PyPI)
- **Command**: `$INFOBLOX_MCP_CMD`
- **Transport**: stdio
- **Requires**: `INFOBLOX_URL`, `INFOBLOX_API_KEY`
- **Recommended scope**: read-only for audit workflows; gate write operations behind ServiceNow CRs

## How to Call the MCP Tools

```bash
python3 $MCP_CALL "$INFOBLOX_MCP_CMD" TOOL_NAME '{"param":"value"}'
```

## Typical Tool Coverage

- Network and prefix inventory
- Fixed addresses and host records
- A, AAAA, CNAME, PTR, TXT records
- DHCP ranges, reservations, and lease lookup
- IP utilization and next-available-address queries

## When to Use

- IPAM source-of-truth validation before assigning addresses
- DNS cutover and record verification during change windows
- DHCP scope exhaustion checks
- Reverse-DNS validation for network devices and services
- Reconciliation between NetBox/Nautobot intent and Infoblox reality

## Workflow: DNS Change Validation

1. Query the target zone and existing records.
2. Check for conflicting A, AAAA, CNAME, and PTR records.
3. Confirm the target IP is allocated correctly in IPAM.
4. If the change is a write operation, require a ServiceNow CR first.
5. Verify forward and reverse records after implementation.

## Workflow: DHCP Scope Investigation

1. Query the affected network or scope.
2. Review lease utilization and remaining free addresses.
3. Check reservations and exclusions for collisions.
4. Correlate the client or IP with Catalyst Center, ISE, or pyATS data if needed.

## Integration with Other Skills

| Skill | Integration |
|-------|-------------|
| `netbox-reconcile` | Validate address intent against Infoblox allocations |
| `nautobot-sot` | Cross-check prefixes and IP ownership |
| `servicenow-change-workflow` | Gate DDI write actions behind approved changes |
| `pyats-config-mgmt` | Confirm address plan before device configuration |

## Important Rules

- **Do not modify DNS/DHCP/IPAM without approved change control**
- **Always verify both forward and reverse DNS after writes**
- **Treat DDI as production control-plane infrastructure**

More from automateyournetwork/netclaw

SkillDescription
aap-automationRed Hat Ansible Automation Platform — inventory management, job template execution, project SCM sync, ad-hoc commands, host management, Galaxy content discovery. Use when automating infrastructure with Ansible, running playbooks, managing inventories, or searching for Ansible collections and roles.
aap-edaEvent-Driven Ansible (EDA) — activation lifecycle, rulebook management, decision environments, event stream monitoring. Use when managing event-driven automation triggers, enabling/disabling activations, or reviewing EDA rulebooks.
aap-lintansible-lint playbook and role validation — syntax checking, best practice enforcement, project-wide analysis, rule filtering. Use when validating Ansible playbooks, checking code quality, or enforcing automation best practices before deployment.
aci-change-deploySafe ACI policy change deployment - ServiceNow CR lifecycle, pre/post-change fault baselines, APIC policy application, automatic rollback on fault delta, and GAIT audit trail. Use when deploying ACI policy changes, creating tenants or EPGs, pushing config to APIC, or running a change window with rollback protection.
aci-fabric-auditComprehensive Cisco ACI fabric health audit - node status, tenant/VRF/BD/EPG policy review, contract analysis, fault triage, and endpoint learning verification. Use when auditing ACI fabric health, checking for faults, reviewing tenant policies, or running pre/post-change baselines on APIC.
arista-cvpArista CloudVision Portal (CVP) automation via REST API — device inventory, events, connectivity monitoring, tag management (4 tools). Use when managing Arista devices, checking CloudVision events, monitoring network connectivity probes, or tagging devices in CVP.
aruba-cx-configView and manage Aruba CX switch configurations, perform ISSU upgrades, and firmware operations
aruba-cx-interfacesMonitor Aruba CX switch interface status, LLDP neighbors, and optical transceiver health
aruba-cx-switchingView and manage Aruba CX switch VLANs and MAC address tables for Layer 2 operations
aruba-cx-systemDiscover Aruba CX switch system information, firmware versions, and VSF topology