November 4, 2015

Here is an example of creating an external-facing domain (zahsystems.com) on the external F5 GTM where the Infoblox Grid Master (10.43.144.205) is the hidden master.

Log into each external-facing GTM (ssh).

IMPLEMENTATION

From GTM run:

    tmsh create ltm dns dns-express zone zahsystems.com transfer-target 10.43.144.205 transfer-tsig-key Infoblox verify-notify-tsig no

ROLLBACK

From GTM run:

    tmsh delete ltm dns dns-express zone zahsystems.com transfer-target 10.43.144.205 transfer-tsig-key Infoblox verify-notify-tsig no

TESTING

From GTM run:

    dig zahsystems.com

NOTE: (ANSWER: should not be 0)

From GTM run:

    dnsxdump | grep zahsystems.com

From GTM search ltm/log for zone transfer by running:

    zgrep xfr /var/log/ltm.[1-9].gz

From an internet browser of your choice (shouldn't be IE since it doesn't follow w3c compliance)

Verify Internet Side… go to http://network-tools.com/nslook/

Domain: zahsystems.com
Server: gns5.thezah.com, gns6.thezah.com, gns7.thezah.com, gns8.thezah.com (try each)
May 26, 2017

Sooo, you have 4 GTMs that host your public DNS view that sync with your Infoblox environment (possibly the DNS External View). You make the change on Infoblox but you have to manually add the domains to your GTMs. Since they are standalone it sure would be nice to not have to go to each box and create the domain as shown above. Here is a script that will run the command on each box all automagically.

Our shared Ubuntu Jump Box has two scripts on it.

/usr/local/bin/dnsx-deploy

    #!/bin/bash
    # Wrapper: builds the tmsh command for one zone and hands it to dnsx-deploy.py
    display_usage() {
        echo -e "\nUsage:dnsx-deploy\n dnsx-deploy <Z-ID> <password> <DNS-express-zone>\n"
    }
    # All three arguments are required
    if [ $# -le 2 ]
    then
        display_usage
        exit 1
    fi
    CDIR='/apps/scripts'
    zone=$3
    echo "**************************************************************"
    echo "Please dont try test run with this script as we're doing changes directly on Prod appliances"
    echo "Deploying DNS express zone $zone on eGTMs"
    echo "**************************************************************"
    COMMAND="tmsh create ltm dns dns-express zone '$zone' transfer-target 10.43.144.205 transfer-tsig-key Infoblox verify-notify-tsig no"
    # Quote the user ID and password so spaces or glob characters are passed through intact
    /usr/bin/python2 $CDIR/dnsx-deploy.py --file $CDIR/eGTMs --cmd "$COMMAND" "$1" "$2"

/apps/scripts/eGTMs

    usfnt1gtm.thezah.corp
    usfnt2gtm.thezah.corp
    usdet1gtm.thezah.corp
    usdet2gtm.thezah.corp

/apps/scripts/dnsx-deploy.py

    #!/usr/bin/python2.7
    # This code is created to deploy DNS express zones on eGTMs.
    import paramiko
    import sys
    import socket

    # Expected arguments: --ip <host> or --file <path>, --cmd <command>, <username>, <password>
    try:
        opt1 = sys.argv[1]
        value1 = sys.argv[2]
        opt2 = sys.argv[3]
        value2 = sys.argv[4]
        username = sys.argv[5]
        password = sys.argv[6]
    except IndexError:
        print("You're not using this program as designed.")
        sys.exit(1)

    # Check TCP 22 connection
    def Check_SSH(IP):
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.settimeout(3)
        try:
            s.connect((IP, 22))
            s.shutdown(2)
            return True
        except socket.error:
            print("%s SSH connection failed" % (IP))
            return False
        finally:
            s.close()

    # connection
    ssh = paramiko.SSHClient()
    # AutoAddPolicy accepts any host key it has not seen before without verification
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())

    def run_cmd(device_ip, cmd, username, password):
        if Check_SSH(device_ip):
            try:
                print("Deploying DNS express zone in %s" % (device_ip))
                ssh.connect(device_ip, port=22, username=username, password=password)
                (stdin, stdout, stderr) = ssh.exec_command(cmd)
                # Wait for the command to finish; report success only on exit status 0
                if stdout.channel.recv_exit_status() == 0:
                    print("Successfully deployed DNS express zone in %s" % (device_ip))
                else:
                    print("%s command failed: %s" % (device_ip, stderr.read().strip()))
            except paramiko.AuthenticationException:
                print("%s Authentication failed" % (device_ip))
            finally:
                ssh.close()

    def run_batch_cmd(filepath, cmd):
        # One hostname or IP per line; blank lines are skipped
        fd = open(filepath, 'r')
        for ip_addr in fd.readlines():
            ip_addr = ip_addr.rstrip()
            if ip_addr:
                run_cmd(ip_addr, cmd, username, password)
        fd.close()

    if opt1 == "--ip":
        run_cmd(value1, value2, username, password)
    elif opt1 == "--file":
        run_batch_cmd(value1, value2)

NOTE: ! is event designation, keyword for bash. If you have ! or ^ in your password, you can use commented version of "!" in your password.

Password:- Test!working
Use:- Test"!"working

Enjoy
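The wrapper above places its third argument inside a command string that runs on production appliances, takes the password on the command line, and the Python script accepts unknown SSH host keys. The following is an added example, not the poster's code: a Python 3 sketch that validates the zone name before building the same tmsh command, rejects host keys that are not already in known_hosts, and prompts for the password. The function names are hypothetical, and the label rule (letters, digits and hyphens only) is an assumption that excludes underscore names.

```python
# Added example, not the poster's script. Python 3; paramiko is needed only by run_on_gtm().
import getpass
import re
import shlex

TRANSFER_TARGET = "10.43.144.205"   # Infoblox Grid Master, from the post
TSIG_KEY = "Infoblox"               # TSIG key name, from the post
# One DNS label: letters, digits, hyphen; 1-63 chars; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

def validate_zone(zone):
    """Return the zone lower-cased without a trailing dot, or raise ValueError."""
    name = zone[:-1] if zone.endswith(".") else zone
    if len(name) > 253 or not all(_LABEL.fullmatch(l) for l in name.split(".")):
        raise ValueError("refusing zone name: %r" % zone)
    return name.lower()

def build_create_cmd(zone):
    """Build the tmsh command from the post around a validated, quoted zone."""
    return ("tmsh create ltm dns dns-express zone %s transfer-target %s "
            "transfer-tsig-key %s verify-notify-tsig no"
            % (shlex.quote(validate_zone(zone)), TRANSFER_TARGET, TSIG_KEY))

def run_on_gtm(host, cmd, username, password):
    """Run cmd on one GTM and return (exit_status, stderr_text)."""
    import paramiko  # lazy import: the helpers above work without it
    ssh = paramiko.SSHClient()
    ssh.load_system_host_keys()  # trust only keys already in known_hosts
    ssh.set_missing_host_key_policy(paramiko.RejectPolicy())
    try:
        ssh.connect(host, port=22, username=username, password=password, timeout=10)
        _, stdout, stderr = ssh.exec_command(cmd)
        err = stderr.read().decode(errors="replace")
        return stdout.channel.recv_exit_status(), err
    finally:
        ssh.close()

def deploy(zone, hosts, username):
    """Validate first, then prompt for the password so it never appears in argv."""
    cmd = build_create_cmd(zone)
    password = getpass.getpass("Password for %s: " % username)
    return {host: run_on_gtm(host, cmd, username, password) for host in hosts}
```

Prompting with getpass also removes the need to quote `!` for bash, since the password never passes through the shell.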