diff --git a/active-active-firewall.dot b/active-active-firewall.dot
new file mode 100644
index 0000000..e2e9046
--- /dev/null
+++ b/active-active-firewall.dot
@@ -0,0 +1,17 @@
+digraph G {
+    node [ shape=box ]
+
+    upstream [ label="Upstream Router" ];
+    upstreamswitch [ label="Upstream Switch" ];
+    router1 [ label="Router1" ];
+    router2 [ label="Router2" ];
+    clients [ label="Clients" ];
+
+    upstreamswitch->{router1,router2} [ label="Receive packets from 'outside'" ]
+
+    {router1,router2}->upstream [ label="BGP peering" ]
+    clients->{router1,router2} [ label="Connect to either router via 'virtual' IP address" ]
+
+    router1->router2 [ label="Exchange of session database" ]
+    router2->router1 [ label="Exchange of session database" ]
+}
diff --git a/dns-easy.dot b/dns-easy.dot
new file mode 100644
index 0000000..ea964e1
--- /dev/null
+++ b/dns-easy.dot
@@ -0,0 +1,16 @@
+digraph G {
+    node [ shape=box ]
+    #rankdir=LR;
+
+    label="
+    DNS lookups at ungleich.ch\n
+    No systemd, no network manager, no resolvconf, no systemd-resolved."
+
+    start [ shape=Mdiamond ] ;
+    resolvconf [ label="/etc/resolv.conf exists?" shape=oval ];
+    lookup [ label="Do DNS lookup" shape=doubleoctagon ];
+
+    start->resolvconf
+    resolvconf->lookup [ label="yes" ];
+
+}
diff --git a/ipv4-as-a-service-mapping.dot b/ipv4-as-a-service-mapping.dot
new file mode 100644
index 0000000..2d66cc4
--- /dev/null
+++ b/ipv4-as-a-service-mapping.dot
@@ -0,0 +1,52 @@
+digraph G {
+    node [ shape=box, fontcolor="#ffffff", color="#40a9e3", style="filled"  ]
+    label="IPv4 as a service\nby ungleich.ch"
+
+#    rankdir=LR
+
+    # subgraph cluster_v6_vm {
+    #     label="IPv6 only VM"
+    #     ipv6onlyvm [ label="IPv6 only VM"  color="#ee1100" ]
+    # }
+
+    subgraph cluster_client {
+        label="Anywhere"
+
+        client [ label="Server, VM, Notebook, Desktop" color="#ee1100" ]
+        # vm [ label="Virtual Machine"  color="#ee1100" ]
+        # server [ label="Server"  color="#ee1100" ]
+        # notebook [ label="Notebook"  color="#ee1100" ]
+        # desktop [ label="Desktop"  color="#ee1100" ]
+    }
+
+    subgraph cluster_internet {
+        label="The Internet"
+
+        v4host [ label="IPv4 host\na.b.c.d" shape=oval ]
+        v6host [ label="IPv6 host" shape=oval ]
+    }
+
+    subgraph cluster_dcl {
+        label="Data Center Light in Switzerland"
+
+        vpnserver [ label="VPN Server" ]
+        nat64 [ label="NAT64 translator" ]
+    }
+
+#    {vm,server,notebook,desktop}->vpnserver [ label="Connect to VPN" ]
+#    vpnserver->{vm,server,notebook,desktop} [ label="Route static /48 IPv6 Network\n2001:db8:42::/48" ]
+#    nat64->{vm,server,notebook,desktop} [ label="Maps 192.0.2.1\nto 2001:db8:42:b00::192.0.2.1/96" ]
+#    v6host->{vm,server,notebook,desktop} [ label="Native access to 2001:db8:42::/48" ]
+
+    client->vpnserver [ label="Connect to VPN" ]
+    vpnserver->client [ label="Route static /48 IPv6 Network\n2001:db8:42::/48" ]
+    nat64->client [ label="Maps 192.0.2.1\nto 2001:db8:42:b00::192.0.2.1/96" ]
+
+    v4host->nat64 [ label="Accesses 192.0.2.1" ]
+    v4host->client [ label="Accesses 192.0.2.1" style=dashed ]
+    v6host->client [ label="Native access to 2001:db8:42::/48" ]
+
+    client->v4host [ label="Access any IPv4 host" style=dashed ]
+    client->nat64 [ label="Access any IPv4 host\nvia 2001:db:c001::a.b.c.d/96" ]
+
+}