diff --git a/docs/NETBOX-DRAFT.md b/docs/NETBOX-DRAFT.md
new file mode 100644
index 0000000..1ca13aa
--- /dev/null
+++ b/docs/NETBOX-DRAFT.md
@@ -0,0 +1,207 @@
+# NetBox Data Import Draft
+
+**Generated:** 2026-01-19
+**Source Data:** MikroTik hAP ax³ ARP/DHCP, Unraid Docker
+
+---
+
+## 1. Site Structure
+
+### Site: XTRM Home Lab
+- **Location:** Sofia, Bulgaria
+- **Status:** Active
+
+---
+
+## 2. Network Prefixes (IPAM)
+
+| Prefix | Description | VLAN | Status |
+|--------|-------------|------|--------|
+| 62.73.120.0/23 | WAN (ISP) | - | Active |
+| 192.168.31.0/24 | LAN | 1 | Active |
+| 172.17.0.0/24 | MikroTik Docker Bridge | - | Active |
+| 172.18.0.0/16 | Unraid dockerproxy | - | Active |
+| 172.24.0.0/16 | Unraid netbox network | - | Active |
+| 192.168.216.0/24 | WireGuard VPN | - | Active |
+
+---
+
+## 3. Network Devices
+
+### 3.1 MikroTik hAP ax³ (Router)
+- **Role:** Router / Firewall / CAPsMAN Controller
+- **IP:** 192.168.31.1
+- **WAN IP:** 62.73.120.142
+- **MAC:** 78:9A:18:2C:A5:48
+- **Platform:** RouterOS 7.20.6
+
+**Interfaces:**
+| Interface | Type | Description | MAC |
+|-----------|------|-------------|-----|
+| ether1 | Ethernet | WAN | 78:9A:18:2C:A5:48 |
+| eth2_CAPac_Uplink | Ethernet | CAPac Uplink | 78:9A:18:2C:A5:49 |
+| ether3 | Ethernet | LAN | 78:9A:18:2C:A5:4A |
+| eth4_CCS324_Uplink | Ethernet | Switch Uplink | 78:9A:18:2C:A5:4B |
+| ether5 | Ethernet | Unused | 78:9A:18:2C:A5:4C |
+| bridge | Bridge | LAN Bridge | 78:9A:18:2C:A5:49 |
+| docker-bridge | Bridge | Container Network | 02:A4:4D:BB:D3:84 |
+| back-to-home-vpn | WireGuard | VPN | - |
+| hap-wifi1 | WiFi | 2.4GHz (XTRM) | 78:9A:18:2C:A5:4D |
+| hap-wifi2 | WiFi | 5GHz (XTRM) | 78:9A:18:2C:A5:4E |
+| hap-wifi2-virtual1 | WiFi | 5GHz (XTRM2) | 7A:9A:18:2C:A5:4E |
+
+**Containers on Router:**
+| Container | IP | Purpose |
+|-----------|-----|---------|
+| pihole:latest | 172.17.0.2 | Primary DNS (Pi-hole v6) |
+| unbound:latest | 172.17.0.3 | Recursive DNS |
+| tailscale:latest | 172.17.0.4 | Tailscale VPN |
+
+---
+
+### 3.2 MikroTik CSS326-24G-2S+ (Switch)
+- **Role:** Layer 2 Switch
+- **IP:** 192.168.31.9
+- **MAC:** F4:1E:57:C9:BD:09
+- **Ports:** 24x Gigabit + 2x SFP
+- **Platform:** SwOS
+
+---
+
+### 3.3 MikroTik cAP ac (Access Point)
+- **Role:** CAPsMAN Managed AP
+- **IP:** 192.168.31.6
+- **MAC:** 18:FD:74:54:3D:BC
+- **Platform:** RouterOS 7.20.1
+
+**Managed Radios:**
+| Interface | Band | SSID |
+|-----------|------|------|
+| cap-wifi1 | 2.4GHz | XTRM |
+| cap-wifi1-virtual1 | 2.4GHz | XTRM2 |
+| cap-wifi2 | 5GHz | XTRM |
+
+---
+
+## 4. Servers
+
+### 4.1 Unraid Server (XTRM-Unraid)
+- **Role:** NAS / Virtualization / Docker Host
+- **IP:** 192.168.31.2
+- **MAC:** A8:B8:E0:02:B6:15
+- **Tailscale IP:** 100.100.208.70
+- **Platform:** Unraid
+
+**Services (Docker Containers):**
+| Service | Port | Network | Purpose |
+|---------|------|---------|---------|
+| traefik | 8001/44301 | dockerproxy | Reverse Proxy |
+| authentik | 9000/9443 | dockerproxy | Identity Provider |
+| vaultwarden | 4743 | dockerproxy | Password Manager |
+| gitea | 3005/2222 | dockerproxy | Git Server |
+| woodpecker-server | 8008 | dockerproxy | CI/CD |
+| postgresql17 | 5432 | bridge | Database |
+| Redis | 6379 | bridge | Cache |
+| plex | 32400 | host | Media Server |
+| HomeAssistant | 8123 | host | Smart Home |
+| netbox | 8090 | netbox | DCIM/IPAM |
+| transmission | 9091/51413 | bridge | Torrent |
+| Nextcloud | 8666 | bridge | Cloud Storage |
+| UptimeKuma | 3001 | bridge | Monitoring |
+| portainer | 9002/9444 | bridge | Docker Management |
+| rustdesk-hbbs | 21115-21119 | bridge | Remote Desktop |
+| pangolin | 3003/3004 | bridge | Fossorial Tunnel |
+
+---
+
+## 5. Virtual Machines / Containers (Secondary)
+
+### 5.1 Pi-hole (Unraid)
+- **IP:** 192.168.31.4
+- **MAC:** 02:42:C0:A8:1F:04
+- **Role:** Secondary DNS
+
+### 5.2 Unbound (Unraid)
+- **IP:** 192.168.31.5
+- **MAC:** 02:42:C0:A8:1F:05
+- **Role:** Secondary Recursive DNS
+
+### 5.3 Home Assistant
+- **IP:** 192.168.31.15 (configured)
+- **Role:** Smart Home Controller
+
+---
+
+## 6. End User Devices
+
+### 6.1 Workstations
+| Device | IP | MAC | Owner | Notes |
+|--------|-----|-----|-------|-------|
+| xtrm-pc (LAN) | 192.168.31.95 | 08:92:04:C6:07:C5 | Kaloyan | MacBook via Dell KVM |
+| xtrm-pc (Gaming) | 192.168.31.97 | 1C:83:41:32:F3:AF | Kaloyan | Game Machine |
+| Mac (WiFi) | 192.168.31.99 | 82:EC:EF:B5:F2:AF | Kaloyan | MacBook WiFi |
+| MacBookAir | 192.168.31.79 | 82:6D:FB:D9:E0:47 | Nora | - |
+| Kimi-Notebook | 192.168.31.108 | 90:91:64:70:0D:86 | Kimi | - |
+
+### 6.2 Mobile Devices
+| Device | IP | MAC | Owner |
+|--------|-----|-----|-------|
+| S25-Ultra | 192.168.31.98 | AA:ED:8B:2A:40:F1 | Kaloyan |
+| iPhone (Dancho) | 192.168.31.114 | F2:B8:14:61:C8:27 | Dancho |
+| iPhone (Kimi) | 192.168.31.121 | 2A:2B:BA:86:D4:AF | Kimi |
+| Compusbg-iPad | 192.168.31.107 | A4:D1:D2:7B:52:BE | - |
+
+### 6.3 IoT Devices
+| Device | IP | MAC | Type |
+|--------|-----|-----|------|
+| Chromecast | 192.168.31.134 | D0:E7:82:F7:65:DD | Media |
+| Reolink Doorbell | 192.168.31.68 | 48:9E:9D:0E:16:F7 | Camera |
+| Bosch Smart Oven | 192.168.31.105 | 94:27:70:1E:0C:EE | Appliance |
+| roborock-vacuum | 192.168.31.104 | B0:4A:39:3F:9A:14 | Vacuum |
+| HP LaserJet | 192.168.31.19 | 64:4E:D7:D8:43:3E | Printer |
+
+### 6.4 Unknown/Unidentified
+| IP | MAC | Status |
+|-----|-----|--------|
+| 192.168.31.102 | AC:87:A3:77:8F:BD | homeassistant (dynamic) |
+| 192.168.31.106 | 18:DE:50:5B:C8:A6 | wlan0 |
+| 192.168.31.109 | D0:C9:07:92:1A:8E | Unknown |
+| 192.168.31.110 | D0:C9:07:8C:C9:46 | Unknown |
+| 192.168.31.113 | 38:1F:8D:04:6F:E4 | Unknown |
+| 192.168.31.139 | 50:2C:C6:7A:55:39 | Unknown |
+| 192.168.31.149 | D4:AD:FC:BE:13:B0 | Unknown |
+| 192.168.31.131 | AC:B5:7D:4D:DD:79 | Unknown |
+
+---
+
+## 7. Cables/Connections (To Be Documented)
+
+| From | From Port | To | To Port | Type |
+|------|-----------|-----|---------|------|
+| hAP ax³ | eth4_CCS324_Uplink | CSS326 | Port ? | Cat6 |
+| hAP ax³ | eth2_CAPac_Uplink | cAP ac | ether1 | Cat6 |
+| CSS326 | Port ? | Unraid | eth0 | Cat6 |
+| CSS326 | Port ? | xtrm-pc | eth0 | Cat6 |
+
+---
+
+## 8. NetBox Import Order
+
+1. **Site** - Create "XTRM Home Lab"
+2. **Manufacturers** - MikroTik, Intel, Apple, etc.
+3. **Device Types** - hAP ax³, CSS326, cAP ac, Custom Server
+4. **Device Roles** - Router, Switch, AP, Server, Workstation, IoT
+5. **Prefixes** - All network ranges
+6. **Devices** - All network devices
+7. **Interfaces** - All device interfaces
+8. **IP Addresses** - Assign to interfaces
+9. **Cables** - Document physical connections
+
+---
+
+## 9. Notes
+
+- MAC addresses starting with 02:42 are Docker containers (locally administered)
+- Some devices have randomized MACs (privacy feature)
+- DHCP pool: 192.168.31.50 - 192.168.31.200 (estimated)
+- Static assignments outside pool for infrastructure