NetBox MCP server via ToolMesh + DADL
Use NetBox as an MCP server for Claude, GPT, and any MCP-compatible AI agent — without writing or maintaining custom MCP server code. The NetBox DADL exposes the NetBox 4.x REST API (devices, IPAM, sites, racks, prefixes, IP addresses, tenants, VLANs, interfaces, cables) as tools that AI agents call through ToolMesh.
Why this instead of a hand-written MCP server?
Section titled “Why this instead of a hand-written MCP server?”A hand-written NetBox MCP server means another Python service to deploy, secure, and update every time NetBox changes its API. The NetBox DADL is a single YAML file that ToolMesh reads at runtime: no separate process, no glue code, no version drift. Authorization, credential injection, and audit logging come from ToolMesh, not from each connector. Read the longer argument in Why MCP gateways alone don’t solve the real problem.
What is in the box
Section titled “What is in the box”- All major NetBox 4.x endpoints — DCIM (devices, racks, sites, cables), IPAM (prefixes, IPs, VLANs, VRFs), tenancy, virtualization.
- Authentication via NetBox API token, injected from
CREDENTIAL_NETBOX_TOKENat call time — never exposed to the agent or its prompt. - Pagination, filters, and field selection per endpoint, declared once in the DADL.
- Full machine-readable definition with tool list and coverage: dadl.ai/d/netbox.
Three steps to a NetBox MCP server
Section titled “Three steps to a NetBox MCP server”-
Add
netbox.dadlto your ToolMeshbackends.yaml:- name: netboxtransport: restdadl: /app/dadl/netbox.dadlurl: "https://netbox.example.com" -
Set the credential as an environment variable:
Terminal window CREDENTIAL_NETBOX_TOKEN=your-netbox-api-token -
Connect your agent — Connect Claude or Connect ChatGPT. ToolMesh exposes the NetBox tools through MCP automatically.
What you can ask the agent
Section titled “What you can ask the agent”- “Show me all devices in rack R12 in Frankfurt.”
- “Find every IP prefix in 10.0.0.0/8 whose description contains ‘kubernetes’.”
- “Create a new device
web-fra-01as type cx22 in site fsn1.” - “Decommission
legacy-bastion-01and mark its IPs as deprecated.”
Each prompt becomes one or more NetBox tool calls. Every call lands in ToolMesh’s audit log — you can replay exactly what the agent did, when, and on whose behalf.
End-to-end tutorial
Section titled “End-to-end tutorial”For the full workflow — including importing live infrastructure from Hetzner Cloud, Linode, and Xen Orchestra into a fresh NetBox with a four-phase trust-escalation model — read Populating NetBox from Real Infrastructure with ToolMesh.
Related integrations
Section titled “Related integrations”Often paired with NetBox in infrastructure-inventory workflows:
- Hetzner Cloud DADL — server and network inventory.
- Linode DADL — instance and IP inventory.
- Xen Orchestra DADL — VM and storage inventory.
- Tailscale DADL — node-to-device synchronization.
- Mikrotik DADL — switch and router state.
See all 22+ ready-to-use integrations on the integrations index or browse the full registry at dadl.ai/browse.