diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py
index c3835542325..5a0090de5b1 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py
@@ -285,7 +285,9 @@ class CsIP:
 
             CsRule(self.dev).addMark()
             self.check_is_up()
-            if self.dnum != '0':
+            if not self.config.is_vpc() and self.dnum != '0':
+                self.set_mark()
+            if self.config.is_vpc():
                 self.set_mark()
             self.arpPing()
 
@@ -435,10 +437,10 @@ class CsIP:
     def fw_vpcrouter(self):
         if not self.config.is_vpc():
             return
-        self.fw.append(["mangle", "front", "-A PREROUTING " +
-                        "-m state --state RELATED,ESTABLISHED " +
-                        "-j CONNMARK --restore-mark --nfmask 0xffffffff --ctmask 0xffffffff"])
         if self.get_type() in ["guest"]:
+            self.fw.append(["mangle", "front", "-A PREROUTING " +
+                            " -i %s -m state --state RELATED,ESTABLISHED "  % self.dev +
+                            "-j CONNMARK --restore-mark --nfmask 0xffffffff --ctmask 0xffffffff"])
             self.fw.append(["filter", "", "-A FORWARD -d %s -o %s -j ACL_INBOUND_%s" %
                             (self.address['network'], self.dev, self.dev)])
             self.fw.append(
@@ -512,20 +514,26 @@ class CsIP:
         tableName = "Table_" + self.dev
 
         if method == "add":
-            # treat the first IP on a interface as special case to set up the routing rules
-            if self.get_type() in ["public"] and (not self.config.is_vpc()) and (len(self.iplist) == 1):
-                CsHelper.execute("sudo ip route add throw " + self.config.address().dbag['eth0'][0]['network'] + " table " + tableName + " proto static")
-                CsHelper.execute("sudo ip route add throw " + self.config.address().dbag['eth1'][0]['network'] + " table " + tableName + " proto static")
+            if not self.config.is_vpc():
+                # treat the first IP on a interface as special case to set up the routing rules
+                if self.get_type() in ["public"] and (len(self.iplist) == 1):
+                    CsHelper.execute("sudo ip route add throw " + self.config.address().dbag['eth0'][0]['network'] + " table " + tableName + " proto static")
+                    CsHelper.execute("sudo ip route add throw " + self.config.address().dbag['eth1'][0]['network'] + " table " + tableName + " proto static")
 
-            # add 'defaul via gateway' rule in the device specific routing table
-            if "gateway" in self.address and self.address["gateway"] != "None":
-                route.add_route(self.dev, self.address["gateway"])
+                # add 'defaul via gateway' rule in the device specific routing table
+                if "gateway" in self.address and self.address["gateway"] != "None":
+                    route.add_route(self.dev, self.address["gateway"])
+
+                if self.get_type() in ["public"]:
+                    CsRule(self.dev).addRule("from " + str(self.address["network"]))
+
+            if self.config.is_vpc():
+                if self.get_type() in ["public"] and "gateway" in self.address and self.address["gateway"] != "None":
+                    route.add_route(self.dev, self.address["gateway"])
+                route.add_network_route(self.dev, str(self.address["network"]))
 
             CsHelper.execute("sudo ip route flush cache")
 
-            if self.get_type() in ["public"]:
-                CsRule(self.dev).addRule("from " + str(self.address["network"]))
-
         elif method == "delete":
             # treat the last IP to be dis-associated with interface as special case to clean up the routing rules
             if self.get_type() in ["public"] and (not self.config.is_vpc()) and (len(self.iplist) == 0):
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRoute.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRoute.py
index 4868bf54ebc..927c2ae0d74 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRoute.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRoute.py
@@ -57,6 +57,15 @@ class CsRoute:
         cmd = "default via %s table %s proto static" % (address, table)
         self.set_route(cmd)
 
+    def add_network_route(self, dev, address):
+        """ Wrapper method that adds table name and device to route statement """
+        # ip route add dev eth1 table Table_eth1 10.0.2.0/24
+        table = self.get_tablename(dev)
+        logging.info("Adding route: dev " + dev + " table: " +
+                     table + " network: " + address + " if not present")
+        cmd = "dev %s table %s %s" % (dev, table, address)
+        self.set_route(cmd)
+
     def set_route(self, cmd, method="add"):
         """ Add a route if it is not already defined """
         found = False