infrastructure/docs/NETBOX-DRAFT.md

NetBox Data Import Draft

Generated: 2026-01-19 Source Data: MikroTik hAP ax³ ARP/DHCP, Unraid Docker

---

1. Site Structure

Site: XTRM Home Lab

• Location: Sofia, Bulgaria
• Status: Active

---

2. Network Prefixes (IPAM)

Prefix	Description	VLAN	Status
62.73.120.0/23	WAN (ISP)	-	Active
192.168.31.0/24	LAN	1	Active
172.17.0.0/24	MikroTik Docker Bridge	-	Active
172.18.0.0/16	Unraid dockerproxy	-	Active
172.24.0.0/16	Unraid netbox network	-	Active
192.168.216.0/24	WireGuard VPN	-	Active

---

3. Network Devices

3.1 MikroTik hAP ax³ (Router)

• Role: Router / Firewall / CAPsMAN Controller
• IP: 192.168.31.1
• WAN IP: 62.73.120.142
• MAC: 78:9A:18:2C:A5:48
• Platform: RouterOS 7.20.6

Interfaces:

Interface	Type	Description	MAC
ether1	Ethernet	WAN	78:9A:18:2C:A5:48
eth2_CAPac_Uplink	Ethernet	CAPac Uplink	78:9A:18:2C:A5:49
ether3	Ethernet	LAN	78:9A:18:2C:A5:4A
eth4_CCS324_Uplink	Ethernet	Switch Uplink	78:9A:18:2C:A5:4B
ether5	Ethernet	Unused	78:9A:18:2C:A5:4C
bridge	Bridge	LAN Bridge	78:9A:18:2C:A5:49
docker-bridge	Bridge	Container Network	02:A4:4D:BB:D3:84
back-to-home-vpn	WireGuard	VPN	-
hap-wifi1	WiFi	2.4GHz (XTRM)	78:9A:18:2C:A5:4D
hap-wifi2	WiFi	5GHz (XTRM)	78:9A:18:2C:A5:4E
hap-wifi2-virtual1	WiFi	5GHz (XTRM2)	7A:9A:18:2C:A5:4E

Containers on Router:

Container	IP	Purpose
pihole:latest	172.17.0.2	Primary DNS (Pi-hole v6)
unbound:latest	172.17.0.3	Recursive DNS
tailscale:latest	172.17.0.4	Tailscale VPN

---

3.2 MikroTik CSS326-24G-2S+ (Switch)

• Role: Layer 2 Switch
• IP: 192.168.31.9
• MAC: F4:1E:57:C9:BD:09
• Ports: 24x Gigabit + 2x SFP
• Platform: SwOS

---

3.4 2.5GbE Managed Switch

• Role: Layer 2 Switch (High-Speed Aggregation)
• IP: 192.168.31.? (TBD)
• MAC: ? (TBD)
• Ports: 8x 2.5GbE RJ45 + 2x 10GbE SFP+
• Platform: ? (TBD)

Interfaces:

Port	Type	Speed	Connected To
Port 1	RJ45	2.5GbE	Unraid Server
Port 2	RJ45	2.5GbE	?
Port 3	RJ45	2.5GbE	?
Port 4	RJ45	2.5GbE	?
Port 5	RJ45	2.5GbE	?
Port 6	RJ45	2.5GbE	?
Port 7	RJ45	2.5GbE	?
Port 8	RJ45	2.5GbE	hAP ax³ (Uplink)
SFP+ 1	SFP+	10GbE	CSS326 (SFP Link)
SFP+ 2	SFP+	10GbE	?

---

3.3 MikroTik cAP ac (Access Point)

• Role: CAPsMAN Managed AP
• IP: 192.168.31.6
• MAC: 18:FD:74:54:3D:BC
• Platform: RouterOS 7.20.1

Managed Radios:

Interface	Band	SSID
cap-wifi1	2.4GHz	XTRM
cap-wifi1-virtual1	2.4GHz	XTRM2
cap-wifi2	5GHz	XTRM

---

4. Servers

4.1 Unraid Server (XTRM-Unraid)

• Role: NAS / Virtualization / Docker Host
• IP: 192.168.31.2
• MAC: A8:B8:E0:02:B6:15
• Tailscale IP: 100.100.208.70
• Platform: Unraid

Services (Docker Containers):

Service	Port	Network	Purpose
traefik	8001/44301	dockerproxy	Reverse Proxy
authentik	9000/9443	dockerproxy	Identity Provider
vaultwarden	4743	dockerproxy	Password Manager
gitea	3005/2222	dockerproxy	Git Server
woodpecker-server	8008	dockerproxy	CI/CD
postgresql17	5432	bridge	Database
Redis	6379	bridge	Cache
plex	32400	host	Media Server
HomeAssistant	8123	host	Smart Home
netbox	8090	netbox	DCIM/IPAM
transmission	9091/51413	bridge	Torrent
Nextcloud	8666	bridge	Cloud Storage
UptimeKuma	3001	bridge	Monitoring
portainer	9002/9444	bridge	Docker Management
rustdesk-hbbs	21115-21119	bridge	Remote Desktop
pangolin	3003/3004	bridge	Fossorial Tunnel

---

5. Virtual Machines / Containers (Secondary)

5.1 Pi-hole (Unraid)

• IP: 192.168.31.4
• MAC: 02:42:C0:A8:1F:04
• Role: Secondary DNS

5.2 Unbound (Unraid)

• IP: 192.168.31.5
• MAC: 02:42:C0:A8:1F:05
• Role: Secondary Recursive DNS

5.3 Home Assistant

• IP: 192.168.31.15 (configured)
• Role: Smart Home Controller

---

6. End User Devices

6.1 Workstations

Device	IP	MAC	Owner	Notes
xtrm-pc (LAN)	192.168.31.95	08:92:04:C6:07:C5	Kaloyan	MacBook via Dell KVM
xtrm-pc (Gaming)	192.168.31.97	1C:83:41:32:F3:AF	Kaloyan	Game Machine
Mac (WiFi)	192.168.31.99	82:EC:EF:B5:F2:AF	Kaloyan	MacBook WiFi
MacBookAir	192.168.31.79	82:6D:FB:D9:E0:47	Nora	-
Kimi-Notebook	192.168.31.108	90:91:64:70:0D:86	Kimi	-

6.2 Mobile Devices

Device	IP	MAC	Owner
S25-Ultra	192.168.31.98	AA:ED:8B:2A:40:F1	Kaloyan
iPhone (Dancho)	192.168.31.114	F2:B8:14:61:C8:27	Dancho
iPhone (Kimi)	192.168.31.121	2A:2B:BA:86:D4:AF	Kimi
Compusbg-iPad	192.168.31.107	A4:D1:D2:7B:52:BE	-

6.3 IoT Devices

Device	IP	MAC	Type
Chromecast	192.168.31.134	D0:E7:82:F7:65:DD	Media
Reolink Doorbell	192.168.31.68	48:9E:9D:0E:16:F7	Camera
Bosch Smart Oven	192.168.31.105	94:27:70:1E:0C:EE	Appliance
roborock-vacuum	192.168.31.104	B0:4A:39:3F:9A:14	Vacuum
HP LaserJet	192.168.31.19	64:4E:D7:D8:43:3E	Printer

6.4 Unknown/Unidentified

IP	MAC	Status
192.168.31.102	AC:87:A3:77:8F:BD	homeassistant (dynamic)
192.168.31.106	18:DE:50:5B:C8:A6	wlan0
192.168.31.109	D0:C9:07:92:1A:8E	Unknown
192.168.31.110	D0:C9:07:8C:C9:46	Unknown
192.168.31.113	38:1F:8D:04:6F:E4	Unknown
192.168.31.139	50:2C:C6:7A:55:39	Unknown
192.168.31.149	D4:AD:FC:BE:13:B0	Unknown
192.168.31.131	AC:B5:7D:4D:DD:79	Unknown

---

7. Cables/Connections (To Be Documented)

Network Topology:

                    [ISP]
                      |
                [hAP ax³] (Router)
                  |     \
            (eth) |      \ (eth)
                  |       \
        [2.5GbE Switch]  [cAP ac]
           |      |
     (2.5G)|      |(SFP+ 10G)
           |      |
       [Unraid] [CSS326]
                  |
            [Other devices]

From	From Port	To	To Port	Type
hAP ax³	ether?	2.5GbE Switch	Port 8	Cat6
hAP ax³	eth2_CAPac_Uplink	cAP ac	ether1	Cat6
2.5GbE Switch	Port 1	Unraid	eth0	Cat6 (2.5GbE)
2.5GbE Switch	SFP+ 1	CSS326	SFP 1	DAC/Fiber (10GbE)
CSS326	Port ?	xtrm-pc	eth0	Cat6

---

8. NetBox Import Order

1. Site - Create "XTRM Home Lab"
2. Manufacturers - MikroTik, Intel, Apple, etc.
3. Device Types - hAP ax³, CSS326, cAP ac, Custom Server
4. Device Roles - Router, Switch, AP, Server, Workstation, IoT
5. Prefixes - All network ranges
6. Devices - All network devices
7. Interfaces - All device interfaces
8. IP Addresses - Assign to interfaces
9. Cables - Document physical connections

---

9. Notes

• MAC addresses starting with 02:42 are Docker containers (locally administered)
• Some devices have randomized MACs (privacy feature)
• DHCP pool: 192.168.31.50 - 192.168.31.200 (estimated)
• Static assignments outside pool for infrastructure