diff --git a/server/src/com/cloud/configuration/Config.java b/server/src/com/cloud/configuration/Config.java
index 3b41b5b8a9f..998f941729c 100755
--- a/server/src/com/cloud/configuration/Config.java
+++ b/server/src/com/cloud/configuration/Config.java
@@ -338,8 +338,9 @@ public enum Config {
 	ConsoleProxyServiceOffering("Advanced", ManagementServer.class, Long.class, "consoleproxy.service.offering", null, "Service offering used by console proxy; if NULL - system offering will be used", null),
 	SecondaryStorageServiceOffering("Advanced", ManagementServer.class, Long.class, "secstorage.service.offering", null, "Service offering used by secondary storage; if NULL - system offering will be used", null),
 	HaTag("Advanced", ManagementServer.class, String.class, "ha.tag", null, "HA tag defining that the host marked with this tag can be used for HA purposes only", null),
-	VpcCleanupInterval("Advanced", ManagementServer.class, Integer.class, "vpc.cleanup.interval", "3600", "The interval (in seconds) between cleanup for Inactive VPCs", null);
-
+	VpcCleanupInterval("Advanced", ManagementServer.class, Integer.class, "vpc.cleanup.interval", "3600", "The interval (in seconds) between cleanup for Inactive VPCs", null),
+    VpcMaxNetworks("Advanced", ManagementServer.class, Integer.class, "vpc.max.networks", "3", "Maximum number of networks per vpc", null);
+	
 	
 	private final String _category;
 	private final Class<?> _componentClass;
diff --git a/server/src/com/cloud/network/dao/NetworkDao.java b/server/src/com/cloud/network/dao/NetworkDao.java
index 0d1db5bf778..c5e98812429 100644
--- a/server/src/com/cloud/network/dao/NetworkDao.java
+++ b/server/src/com/cloud/network/dao/NetworkDao.java
@@ -101,5 +101,7 @@ public interface NetworkDao extends GenericDao<NetworkVO, Long> {
     List<NetworkVO> listByVpc(long vpcId);
     
     NetworkVO getPrivateNetwork(String broadcastUri, String cidr, long accountId, long zoneId);
+    
+    long countVpcNetworks(long vpcId);
 
 }
diff --git a/server/src/com/cloud/network/dao/NetworkDaoImpl.java b/server/src/com/cloud/network/dao/NetworkDaoImpl.java
index 90bb0166b6f..62e3d381d23 100644
--- a/server/src/com/cloud/network/dao/NetworkDaoImpl.java
+++ b/server/src/com/cloud/network/dao/NetworkDaoImpl.java
@@ -67,6 +67,7 @@ public class NetworkDaoImpl extends GenericDaoBase<NetworkVO, Long> implements N
     private final GenericSearchBuilder<NetworkVO, Integer> NetworksCount;
     final SearchBuilder<NetworkVO> SourceNATSearch;
     final GenericSearchBuilder<NetworkVO, Long>  CountByZoneAndURI;
+    final GenericSearchBuilder<NetworkVO, Long> VpcNetworksCount;
     
     
     ResourceTagsDaoImpl _tagsDao = ComponentLocator.inject(ResourceTagsDaoImpl.class);
@@ -190,6 +191,11 @@ public class NetworkDaoImpl extends GenericDaoBase<NetworkVO, Long> implements N
         join6.and("service", join6.entity().getService(), Op.EQ);
         SourceNATSearch.join("services", join6, SourceNATSearch.entity().getId(), join6.entity().getNetworkId(), JoinBuilder.JoinType.INNER);
         SourceNATSearch.done();
+        
+        VpcNetworksCount = createSearchBuilder(Long.class);
+        VpcNetworksCount.and("vpcId", VpcNetworksCount.entity().getVpcId(), Op.EQ);
+        VpcNetworksCount.select(null, Func.COUNT, VpcNetworksCount.entity().getId());
+        VpcNetworksCount.done();
 
     }
 
@@ -531,4 +537,11 @@ public class NetworkDaoImpl extends GenericDaoBase<NetworkVO, Long> implements N
         txn.commit();
         return result;
     }
+
+    @Override
+    public long countVpcNetworks(long vpcId) {
+        SearchCriteria<Long> sc = VpcNetworksCount.create();
+        sc.setParameters("vpcId", vpcId);
+        return customSearch(sc, null).get(0);
+    }
 }
diff --git a/server/src/com/cloud/network/vpc/VpcManager.java b/server/src/com/cloud/network/vpc/VpcManager.java
index f6aa6ee7773..ee59025fcc4 100644
--- a/server/src/com/cloud/network/vpc/VpcManager.java
+++ b/server/src/com/cloud/network/vpc/VpcManager.java
@@ -18,7 +18,6 @@ import java.util.Set;
 
 import com.cloud.exception.ConcurrentOperationException;
 import com.cloud.exception.ResourceUnavailableException;
-import com.cloud.network.IpAddress;
 import com.cloud.network.Network.Provider;
 import com.cloud.network.Network.Service;
 import com.cloud.network.element.VpcProvider;
@@ -110,4 +109,9 @@ public interface VpcManager extends VpcService{
      * @return
      */
     VpcGateway getPrivateGatewayForVpc(long vpcId);
+
+    /**
+     * @return
+     */
+    int getMaxNetworksPerVpc();
 }
diff --git a/server/src/com/cloud/network/vpc/VpcManagerImpl.java b/server/src/com/cloud/network/vpc/VpcManagerImpl.java
index 528f4b19185..263c47d65f6 100644
--- a/server/src/com/cloud/network/vpc/VpcManagerImpl.java
+++ b/server/src/com/cloud/network/vpc/VpcManagerImpl.java
@@ -45,7 +45,6 @@ import com.cloud.exception.ResourceAllocationException;
 import com.cloud.exception.ResourceUnavailableException;
 import com.cloud.exception.UnsupportedServiceException;
 import com.cloud.network.IPAddressVO;
-import com.cloud.network.IpAddress;
 import com.cloud.network.Network;
 import com.cloud.network.Network.GuestType;
 import com.cloud.network.Network.Provider;
@@ -150,11 +149,11 @@ public class VpcManagerImpl implements VpcManager, Manager{
     FirewallRulesDao _firewallDao;
 
     private final ScheduledExecutorService _executor = Executors.newScheduledThreadPool(1, new NamedThreadFactory("VpcChecker"));
-
     private VpcProvider vpcElement = null;
 
     String _name;
     int _cleanupInterval;
+    int _maxNetworks;
 
     @Override
     @DB
@@ -192,7 +191,9 @@ public class VpcManagerImpl implements VpcManager, Manager{
         Map<String, String> configs = configDao.getConfiguration(params);
         String value = configs.get(Config.VpcCleanupInterval.key());
         _cleanupInterval = NumbersUtil.parseInt(value, 60 * 60); // 1 hour
-
+        
+        String maxNtwks = configs.get(Config.VpcMaxNetworks.key());
+        _maxNetworks = NumbersUtil.parseInt(maxNtwks, 3); // max=3 is default
         return true;
     }
 
@@ -972,6 +973,13 @@ public class VpcManagerImpl implements VpcManager, Manager{
         }
 
         try {
+            //check number of active networks in vpc
+            if (_ntwkDao.countVpcNetworks(vpc.getId()) >= _maxNetworks) {
+                throw new CloudRuntimeException("Number of networks per VPC can't extend " 
+                        + _maxNetworks + "; increase it using global config " + Config.VpcMaxNetworks);
+            }
+            
+            
             //1) CIDR is required
             if (cidr == null) {
                 throw new InvalidParameterValueException("Gateway/netmask are required when create network for VPC", null);
@@ -1673,4 +1681,8 @@ public class VpcManagerImpl implements VpcManager, Manager{
         return _vpcGatewayDao.getPrivateGatewayForVpc(vpcId);
     }
     
+    public int getMaxNetworksPerVpc() {
+        return _maxNetworks;
+    }
+    
 }