diff --git a/api/src/com/cloud/agent/api/PvlanSetupCommand.java b/api/src/com/cloud/agent/api/PvlanSetupCommand.java
index 22a828afa8b..e5d4da09003 100644
--- a/api/src/com/cloud/agent/api/PvlanSetupCommand.java
+++ b/api/src/com/cloud/agent/api/PvlanSetupCommand.java
@@ -23,17 +23,16 @@ import com.cloud.utils.net.NetUtils;
 public class PvlanSetupCommand extends Command {
 	public enum Type {
 		DHCP,
-		VM,
-		VM_IN_DHCP_HOST
+		VM
 	}
 	private String op;
 	private String bridge;
 	private String primary;
 	private String isolated;
 	private String vmMac;
+	private String dhcpName;
 	private String dhcpMac;
 	private String dhcpIp;
-	private boolean strict;
 	private Type type;
 
 	protected PvlanSetupCommand() {}
@@ -45,12 +44,12 @@ public class PvlanSetupCommand extends Command {
 		this.bridge = bridge;
 		this.primary = NetUtils.getPrimaryPvlanFromUri(uri);
 		this.isolated = NetUtils.getIsolatedPvlanFromUri(uri);
-		this.strict = true;
 	}
 	
-	static public PvlanSetupCommand createDhcpSetup(String op, String bridge, URI uri, String dhcpMac, String dhcpIp)
+	static public PvlanSetupCommand createDhcpSetup(String op, String bridge, URI uri, String dhcpName, String dhcpMac, String dhcpIp)
 	{
 		PvlanSetupCommand cmd = new PvlanSetupCommand(Type.DHCP, op, bridge, uri);
+		cmd.setDhcpName(dhcpName);
 		cmd.setDhcpMac(dhcpMac);
 		cmd.setDhcpIp(dhcpIp);
 		return cmd;
@@ -63,14 +62,6 @@ public class PvlanSetupCommand extends Command {
 		return cmd;
 	}
 	
-	static public PvlanSetupCommand createVmInDhcpHostSetup(String op, String bridge, URI uri, String dhcpMac, String vmMac)
-	{
-		PvlanSetupCommand cmd = new PvlanSetupCommand(Type.VM_IN_DHCP_HOST, op, bridge, uri);
-		cmd.setDhcpMac(dhcpMac);
-		cmd.setVmMac(vmMac);
-		return cmd;
-	}
-	
 	@Override
 	public boolean executeInSequence() {
 		return true;
@@ -120,11 +111,11 @@ public class PvlanSetupCommand extends Command {
 		return type;
 	}
 
-	public boolean isStrict() {
-		return strict;
+	public String getDhcpName() {
+		return dhcpName;
 	}
 
-	public void setStrict(boolean strict) {
-		this.strict = strict;
+	public void setDhcpName(String dhcpName) {
+		this.dhcpName = dhcpName;
 	}
 }
diff --git a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
index 34b590e40c9..933f4d33eff 100644
--- a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
+++ b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
@@ -1475,13 +1475,16 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
     	String isolatedPvlan = cmd.getIsolated();
     	String op = cmd.getOp();
     	String bridge = cmd.getBridge();
-    	String result = null;
+    	String dhcpName = cmd.getDhcpName();
     	String dhcpMac = cmd.getDhcpMac();
     	String dhcpIp = cmd.getDhcpIp();
     	String vmMac = cmd.getVmMac();
+    	
+    	String result = null;
     	if (cmd.getType() == PvlanSetupCommand.Type.DHCP) {
     		result = callHostPlugin(conn, "ovs-pvlan", "setup-pvlan-dhcp", "op", op, "bridge", bridge,
-    				"primary-pvlan", primaryPvlan, "isolated-pvlan", isolatedPvlan, "dhcp-ip", dhcpIp, "dhcp-mac", dhcpMac);
+    				"primary-pvlan", primaryPvlan, "isolated-pvlan", isolatedPvlan, "dhcp-name", dhcpName,
+    				"dhcp-ip", dhcpIp, "dhcp-mac", dhcpMac);
     		if (result == null || result.isEmpty() || !Boolean.parseBoolean(result)) {
     			s_logger.warn("Failed to program pvlan for dhcp server with mac " + dhcpMac);
     			return new Answer(cmd, false, result);
@@ -1489,7 +1492,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
     			s_logger.info("Programmed pvlan for dhcp server with mac " + dhcpMac);
     		}
     	} else if (cmd.getType() == PvlanSetupCommand.Type.VM) {
-    		result = callHostPlugin(conn, "ovs-pvlan", "setup-pvlan-vm-alone", "op", op, "bridge", bridge,
+    		result = callHostPlugin(conn, "ovs-pvlan", "setup-pvlan-vm", "op", op, "bridge", bridge,
     				"primary-pvlan", primaryPvlan, "isolated-pvlan", isolatedPvlan, "vm-mac", vmMac);
     		if (result == null || result.isEmpty() || !Boolean.parseBoolean(result)) {
     			s_logger.warn("Failed to program pvlan for vm with mac " + vmMac);
@@ -1497,15 +1500,6 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
     		} else {
     			s_logger.info("Programmed pvlan for vm with mac " + vmMac);
     		}
-    	} else if (cmd.getType() == PvlanSetupCommand.Type.VM_IN_DHCP_HOST) {
-    		result = callHostPlugin(conn, "ovs-pvlan", "setup-pvlan-vm-dhcp", "op", op, "bridge", bridge,
-    				"primary-pvlan", primaryPvlan, "isolated-pvlan", isolatedPvlan, "vm-mac", vmMac, "dhcp-mac", dhcpMac);
-    		if (result == null || result.isEmpty() || !Boolean.parseBoolean(result)) {
-    			s_logger.warn("Failed to program pvlan for vm in dhcp host with mac " + vmMac);
-    			return new Answer(cmd, false, result);
-    		} else {
-    			s_logger.info("Programmed pvlan for vm in dhcp host with mac " + vmMac);
-    		}
     	}
     	return new Answer(cmd, true, result);
     }
diff --git a/scripts/vm/hypervisor/xenserver/ovs-get-dhcp-port.sh b/scripts/vm/hypervisor/xenserver/ovs-get-dhcp-port.sh
new file mode 100644
index 00000000000..a30b180bed0
--- /dev/null
+++ b/scripts/vm/hypervisor/xenserver/ovs-get-dhcp-port.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+# 
+#   http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+#!/bin/bash
+
+bridge=$1
+dhcp_name=$2
+dom_id=`xe vm-list is-control-domain=false power-state=running params=dom-id name-label=$dhcp_name|cut -d ':' -f 2 |tr -d ' ' `
+iface="vif${dom_id}.0"
+port=`ovs-ofctl show $bridge|grep $iface|cut -d '(' -f 1|tr -d ' '`
+echo $port
diff --git a/scripts/vm/hypervisor/xenserver/ovs-pvlan b/scripts/vm/hypervisor/xenserver/ovs-pvlan
index 2c1e3af8f77..372d3c8d05b 100755
--- a/scripts/vm/hypervisor/xenserver/ovs-pvlan
+++ b/scripts/vm/hypervisor/xenserver/ovs-pvlan
@@ -33,8 +33,8 @@ from time import localtime as _localtime, asctime as _asctime
 xePath = "/opt/xensource/bin/xe"
 lib.setup_logging("/var/log/ovs-pvlan.log")
 dhcpSetupPath = "/opt/xensource/bin/ovs-pvlan-dhcp-host.sh"
-vmAloneSetupPath = "/opt/xensource/bin/ovs-pvlan-vm.sh"
-vmDhcpSetupPath = "/opt/xensource/bin/ovs-pvlan-vm-in-dhcp-host.sh"
+vmSetupPath = "/opt/xensource/bin/ovs-pvlan-vm.sh"
+getDhcpPortPath = "/opt/xensource/bin/ovs-get-dhcp-port.sh"
 pvlanCleanupPath = "/opt/xensource/bin/ovs-pvlan-cleanup.sh"
 
 def echo(fn):
@@ -53,17 +53,21 @@ def setup_pvlan_dhcp(session, args):
     bridge = args.pop("bridge")
     primary = args.pop("primary-pvlan")
     isolated = args.pop("isolated-pvlan")
-    dhcp_ip = args.pop("dhcp-ip");
-    dhcp_mac = args.pop("dhcp-mac");
+    dhcp_name = args.pop("dhcp-name")
+    dhcp_ip = args.pop("dhcp-ip")
+    dhcp_mac = args.pop("dhcp-mac")
 
     res = lib.check_switch()
     if res != "SUCCESS":
         return "FAILURE:%s" % res
 
     if op == "add":
+        logging.debug("Try to get dhcp vm %s port on the switch:%s" % (dhcp_name, bridge))
+        dhcp_port = lib.do_cmd([getDhcpPortPath, bridge, dhcp_name])
         logging.debug("About to setup dhcp vm on the switch:%s" % bridge)
         res = lib.do_cmd([dhcpSetupPath, "-A", "-b", bridge, "-p", primary,
-            "-i", isolated, "-d", dhcp_ip, "-m", dhcp_mac])
+            "-i", isolated, "-n", dhcp_name, "-d", dhcp_ip, "-m", dhcp_mac,
+            "-P", dhcp_port])
 	if res:
 	    result = "FAILURE:%s" % res
 	    return result;
@@ -71,7 +75,7 @@ def setup_pvlan_dhcp(session, args):
     elif op == "delete":
         logging.debug("About to remove dhcp the switch:%s" % bridge)
         res = lib.do_cmd([dhcpSetupPath, "-D", "-b", bridge, "-p", primary,
-            "-i", isolated, "-d", dhcp_ip, "-m", dhcp_mac])
+            "-i", isolated, "-n", dhcp_name, "-d", dhcp_ip, "-m", dhcp_mac])
 	if res:
 	    result = "FAILURE:%s" % res
 	    return result;
@@ -82,9 +86,10 @@ def setup_pvlan_dhcp(session, args):
     return result
 
 @echo
-def setup_pvlan_vm_alone(session, args):
+def setup_pvlan_vm(session, args):
     op = args.pop("op")
     bridge = args.pop("bridge")
+    primary = args.pop("primary-pvlan")
     isolated = args.pop("isolated-pvlan")
     vm_mac = args.pop("vm-mac")
     trunk_port = 1
@@ -94,58 +99,24 @@ def setup_pvlan_vm_alone(session, args):
         return "FAILURE:%s" % res
 
     if op == "add":
-        logging.debug("About to setup vm alone on the switch:%s" % bridge)
-        res = lib.do_cmd([vmAloneSetupPath, "-A", "-b", bridge, "-i", isolated, "-v", vm_mac])
+        logging.debug("About to setup vm on the switch:%s" % bridge)
+        res = lib.do_cmd([vmSetupPath, "-A", "-b", bridge, "-p", primary, "-i", isolated, "-v", vm_mac])
 	if res:
 	    result = "FAILURE:%s" % res
 	    return result;
-	logging.debug("Setup vm alone on switch program done")
+	logging.debug("Setup vm on switch program done")
     elif op == "delete":
-        logging.debug("About to remove vm alone on the switch:%s" % bridge)
-        res = lib.do_cmd([vmAloneSetupPath, "-D", "-b", bridge, "-i", isolated, "-v", vm_mac])
+        logging.debug("About to remove vm on the switch:%s" % bridge)
+        res = lib.do_cmd([vmSetupPath, "-D", "-b", bridge, "-p", primary, "-i", isolated, "-v", vm_mac])
 	if res:
 	    result = "FAILURE:%s" % res
 	    return result;
-	logging.debug("Remove vm alone on switch program done")
+	logging.debug("Remove vm on switch program done")
 
     result = "true"
     logging.debug("Setup_pvlan_vm_alone completed with result:%s" % result)
     return result
 
-@echo
-def setup_pvlan_vm_dhcp(session, args):
-    op = args.pop("op")
-    bridge = args.pop("bridge")
-    isolated = args.pop("isolated-pvlan")
-    vm_mac = args.pop("vm-mac")
-    dhcp_mac = args.pop("dhcp-mac");
-    trunk_port = 1
-
-    res = lib.check_switch()
-    if res != "SUCCESS":
-        return "FAILURE:%s" % res
-
-    if op == "add":
-        logging.debug("About to setup vm dhcp on the switch:%s" % bridge)
-        res = lib.do_cmd([vmDhcpSetupPath, "-A", "-b", bridge, "-i", isolated,
-            "-v", vm_mac, "-m", dhcp_mac])
-	if res:
-	    result = "FAILURE:%s" % res
-	    return result;
-	logging.debug("Setup vm dhcp on switch program done")
-    elif op == "delete":
-        logging.debug("About to remove vm dhcp on the switch:%s" % bridge)
-        res = lib.do_cmd([vmDhcpSetupPath, "-D", "-b", bridge, "-i", isolated,
-            "-v", vm_mac, "-m", dhcp_mac])
-	if res:
-	    result = "FAILURE:%s" % res
-	    return result;
-	logging.debug("Remove vm dhcp on switch program done")
-
-    result = "true"
-    logging.debug("Setup_pvlan_vm_dhcp completed with result:%s" % result)
-    return result
-
 @echo
 def cleanup(session, args):
     res = lib.check_switch()
@@ -163,6 +134,5 @@ def cleanup(session, args):
 
 if __name__ == "__main__":
     XenAPIPlugin.dispatch({"setup-pvlan-dhcp": setup_pvlan_dhcp,
-                           "setup-pvlan-vm-alone": setup_pvlan_vm_alone,
-                           "setup-pvlan-vm-dhcp": setup_pvlan_vm_dhcp,
+                           "setup-pvlan-vm": setup_pvlan_vm,
                            "cleanup":cleanup})
diff --git a/scripts/vm/hypervisor/xenserver/xenserver60/patch b/scripts/vm/hypervisor/xenserver/xenserver60/patch
index c767f1af7df..97595190904 100644
--- a/scripts/vm/hypervisor/xenserver/xenserver60/patch
+++ b/scripts/vm/hypervisor/xenserver/xenserver60/patch
@@ -69,6 +69,6 @@ swiftxen=..,0755,/etc/xapi.d/plugins
 s3xen=..,0755,/etc/xapi.d/plugins
 ovs-pvlan=..,0755,/etc/xapi.d/plugins
 ovs-pvlan-dhcp-host.sh=../../../network,0755,/opt/xensource/bin
-ovs-pvlan-vm-in-dhcp-host.sh=../../../network,0755,/opt/xensource/bin
 ovs-pvlan-vm.sh=../../../network,0755,/opt/xensource/bin
 ovs-pvlan-cleanup.sh=../../../network,0755,/opt/xensource/bin
+ovs-get-dhcp-port.sh=..,0755,/opt/xensource/bin
diff --git a/scripts/vm/network/ovs-pvlan-dhcp-host.sh b/scripts/vm/network/ovs-pvlan-dhcp-host.sh
index e12fbce0f18..93f56534beb 100755
--- a/scripts/vm/network/ovs-pvlan-dhcp-host.sh
+++ b/scripts/vm/network/ovs-pvlan-dhcp-host.sh
@@ -16,20 +16,26 @@
 # specific language governing permissions and limitations
 # under the License.
 
+#!/bin/bash
+
+source ovs-func.sh
+
 usage() {
-  printf "Usage: %s: (-A|-D) -b <bridge/switch> -p <primary vlan> -i <secondary isolated vlan> -d <DHCP server IP> -m <DHCP server MAC> -v <VM MAC> -h \n" $(basename $0) >&2
+  printf "Usage: %s: (-A|-D) -b <bridge/switch> -p <primary vlan> -i <secondary isolated vlan> -n <DHCP server name> -d <DHCP server IP> -m <DHCP server MAC> -P <DHCP on OVS port> -v <VM MAC> -h \n" $(basename $0) >&2
   exit 2
 }
 
 br=
 pri_vlan=
 sec_iso_vlan=
+dhcp_name=
 dhcp_ip=
 dhcp_mac=
+dhcp_port=
 vm_mac=
 op=
 
-while getopts 'ADb:p:i:d:m:v:h' OPTION
+while getopts 'ADb:p:i:d:m:v:n:P:h' OPTION
 do
   case $OPTION in
   A)  op="add"
@@ -42,10 +48,14 @@ do
       ;;
   i)  sec_iso_vlan="$OPTARG"
       ;;
+  n)  dhcp_name="$OPTARG"
+      ;;
   d)  dhcp_ip="$OPTARG"
       ;;
   m)  dhcp_mac="$OPTARG"
       ;;
+  P)  dhcp_port="$OPTARG"
+      ;;
   v)  vm_mac="$OPTARG"
       ;;
   h)  usage
@@ -78,6 +88,12 @@ then
     exit 1
 fi
 
+if [ -z "$dhcp_name" ]
+then
+    echo Missing parameter DHCP NAME!
+    exit 1
+fi
+
 if [ -z "$dhcp_ip" ]
 then
     echo Missing parameter DHCP IP!
@@ -90,12 +106,18 @@ then
     exit 1
 fi
 
+if [ "$op" == "add" -a -z "$dhcp_port" ]
+then
+    echo Missing parameter DHCP PORT!
+    exit 1
+fi
+
 if [ "$op" == "add" ]
 then
-    ovs-ofctl add-flow $br priority=200,arp,dl_vlan=$sec_iso_vlan,nw_dst=$dhcp_ip,actions=mod_vlan_vid:$pri_vlan,NORMAL
-    ovs-ofctl add-flow $br priority=180,arp,nw_dst=$dhcp_ip,actions=NORMAL
-    ovs-ofctl add-flow $br priority=150,dl_vlan=$sec_iso_vlan,dl_dst=$dhcp_mac,actions=mod_vlan_vid:$pri_vlan,NORMAL
-    ovs-ofctl add-flow $br priority=100,udp,dl_vlan=$sec_iso_vlan,nw_dst=255.255.255.255,tp_dst=67,actions=mod_vlan_vid:$pri_vlan,NORMAL
+    ovs-ofctl add-flow $br priority=200,arp,dl_vlan=$sec_iso_vlan,nw_dst=$dhcp_ip,actions=strip_vlan,output:$dhcp_port
+    ovs-ofctl add-flow $br priority=180,arp,nw_dst=$dhcp_ip,actions=strip_vlan,output:$dhcp_port
+    ovs-ofctl add-flow $br priority=150,dl_vlan=$sec_iso_vlan,dl_dst=$dhcp_mac,actions=strip_vlan,output:$dhcp_port
+    ovs-ofctl add-flow $br priority=100,udp,dl_vlan=$sec_iso_vlan,nw_dst=255.255.255.255,tp_dst=67,actions=strip_vlan,output:$dhcp_port
 else
     ovs-ofctl del-flows --strict $br priority=200,arp,dl_vlan=$sec_iso_vlan,nw_dst=$dhcp_ip
     ovs-ofctl del-flows --strict $br priority=180,arp,nw_dst=$dhcp_ip
diff --git a/scripts/vm/network/ovs-pvlan-vm-in-dhcp-host.sh b/scripts/vm/network/ovs-pvlan-vm-in-dhcp-host.sh
deleted file mode 100755
index de37882159c..00000000000
--- a/scripts/vm/network/ovs-pvlan-vm-in-dhcp-host.sh
+++ /dev/null
@@ -1,88 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#   http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-usage() {
-  printf "Usage: %s: (-A|-D) -b <bridge/switch> -p <primary vlan> -i <secondary isolated vlan> -d <DHCP server IP> -m <DHCP server MAC> -v <VM MAC> -h \n" $(basename $0) >&2
-  exit 2
-}
-
-br=
-pri_vlan=
-sec_iso_vlan=
-dhcp_ip=
-dhcp_mac=
-vm_mac=
-op=
-
-while getopts 'ADb:p:i:d:m:v:h' OPTION
-do
-  case $OPTION in
-  A)  op="add"
-      ;;
-  D)  op="del"
-      ;;
-  b)  br="$OPTARG"
-      ;;
-  p)  pri_vlan="$OPTARG"
-      ;;
-  i)  sec_iso_vlan="$OPTARG"
-      ;;
-  d)  dhcp_ip="$OPTARG"
-      ;;
-  m)  dhcp_mac="$OPTARG"
-      ;;
-  v)  vm_mac="$OPTARG"
-      ;;
-  h)  usage
-      exit 1
-      ;;
-  esac
-done
-
-if [ -z "$op" ]
-then
-    echo Missing operation pararmeter!
-    exit 1
-fi
-
-if [ -z "$br" ]
-then
-    echo Missing parameter bridge!
-    exit 1
-fi
-
-if [ -z "$vm_mac" ]
-then
-    echo Missing parameter VM MAC!
-    exit 1
-fi
-
-if [ -z "$dhcp_mac" ]
-then
-    echo Missing parameter DHCP MAC!
-    exit 1
-fi
-
-if [ "$op" == "add" ]
-then
-    ovs-ofctl add-flow $br priority=120,dl_src=$vm_mac,dl_dst=$dhcp_mac,actions=NORMAL
-    ovs-ofctl add-flow $br priority=80,udp,dl_src=$vm_mac,nw_dst=255.255.255.255,tp_dst=67,actions=NORMAL
-else
-    ovs-ofctl del-flows --strict $br priority=120,dl_src=$vm_mac,dl_dst=$dhcp_mac
-    ovs-ofctl del-flows --strict $br priority=80,udp,dl_src=$vm_mac,nw_dst=255.255.255.255,tp_dst=67
-fi
diff --git a/scripts/vm/network/ovs-pvlan-vm.sh b/scripts/vm/network/ovs-pvlan-vm.sh
index 8ac20df5ad1..4bad11c7624 100755
--- a/scripts/vm/network/ovs-pvlan-vm.sh
+++ b/scripts/vm/network/ovs-pvlan-vm.sh
@@ -16,6 +16,8 @@
 # specific language governing permissions and limitations
 # under the License.
 
+#!/bin/bash
+
 usage() {
   printf "Usage: %s: (-A|-D) -b <bridge/switch> -p <primary vlan> -i <secondary isolated vlan> -d <DHCP server IP> -m <DHCP server MAC> -v <VM MAC> -h \n" $(basename $0) >&2
   exit 2
@@ -72,6 +74,12 @@ then
     exit 1
 fi
 
+if [ -z "$pri_vlan" ]
+then
+    echo Missing parameter secondary isolate vlan!
+    exit 1
+fi
+
 if [ -z "$sec_iso_vlan" ]
 then
     echo Missing parameter secondary isolate vlan!
@@ -82,9 +90,10 @@ trunk_port=1
 
 if [ "$op" == "add" ]
 then
-    ovs-ofctl add-flow $br priority=50,dl_src=$vm_mac,actions=mod_vlan_vid:$sec_iso_vlan,output:$trunk_port
+    ovs-ofctl add-flow $br priority=50,dl_vlan=0xffff,dl_src=$vm_mac,actions=mod_vlan_vid:$sec_iso_vlan,resubmit:$trunk_port
+    ovs-ofctl add-flow $br priority=60,dl_vlan=$sec_iso_vlan,dl_src=$vm_mac,actions=output:1
 else
-    # it would delete any rule related to this vm, not only the rule added above
-    ovs-ofctl del-flows $br dl_src=$vm_mac
+    ovs-ofctl del-flows --strict $br priority=50,dl_vlan=0xffff,dl_src=$vm_mac
+    ovs-ofctl del-flows --strict $br priority=60,dl_vlan=$sec_iso_vlan,dl_src=$vm_mac
 fi
 
diff --git a/server/src/com/cloud/network/element/VirtualRouterElement.java b/server/src/com/cloud/network/element/VirtualRouterElement.java
index d9c43567d06..5c73bcdd80e 100755
--- a/server/src/com/cloud/network/element/VirtualRouterElement.java
+++ b/server/src/com/cloud/network/element/VirtualRouterElement.java
@@ -215,16 +215,6 @@ public class VirtualRouterElement extends AdapterBase implements VirtualRouterEl
             throw new ResourceUnavailableException("Can't find at least one running router!",
                     DataCenter.class, network.getDataCenterId());
         }
-        
-        // Setup PVlan for vm if necessary
-        if (network.getTrafficType() == TrafficType.Guest && network.getBroadcastDomainType() == BroadcastDomainType.Pvlan) {
-        	assert routers.size() == 1;
-        	DomainRouterVO router = routers.get(0);
-        	if (router.getHostId() == dest.getHost().getId()) {
-        		_routerMgr.setupVmWithDhcpHostForPvlan(true, router, nic);
-        	}
-        }
-        
         return true;      
     }
 
diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java
index 4dfd78c2a52..075b014cb0b 100644
--- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java
+++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java
@@ -105,6 +105,4 @@ public interface VirtualNetworkApplianceManager extends Manager, VirtualNetworkA
 	
 	boolean applyUserData(Network config, NicProfile nic, VirtualMachineProfile<UserVm> vm, DeployDestination dest, 
 	        List<DomainRouterVO> routers) throws ResourceUnavailableException;
-
-	void setupVmWithDhcpHostForPvlan(boolean add, DomainRouterVO router, NicProfile profile) throws ResourceUnavailableException;
 }
diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
index bb31e1cf5e8..d22c7fc6d31 100755
--- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
+++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
@@ -2211,35 +2211,6 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
         return dhcpRange;
     }
 
-    private boolean setupDhcpForPvlanOnHost(boolean add, DomainRouterVO router, Nic routerNic) {
-    	if (!routerNic.getBroadcastUri().getScheme().equals("pvlan")) {
-    		return false;
-    	}
-    	setupDhcpForPvlan(add, router, routerNic);
-    	Long hostId = router.getHostId();
-    	List<UserVmVO> vms = _userVmDao.listByHostId(hostId);
-    	for (UserVmVO vm : vms) {
-    		if (vm.getState() != State.Running) {
-    			continue;
-    		}
-    		List<NicVO> nics = _nicDao.listByVmId(vm.getId());
-    		for (NicVO nic : nics) {
-    			if (nic.getNetworkId() == routerNic.getNetworkId()) {
-    				try {
-    					Network network = _networkDao.findById(routerNic.getNetworkId());
-    					NicProfile profile = new NicProfile(nic, network, nic.getBroadcastUri(), nic.getIsolationUri(), 
-    							null, _networkModel.isSecurityGroupSupportedInNetwork(network), _networkModel.getNetworkTag(vm.getHypervisorType(), network));
-						setupVmWithDhcpHostForPvlan(add, router, profile);
-					} catch (ResourceUnavailableException e) {
-						s_logger.warn("Fail to program pvlan on nic " + nic.getMacAddress(), e);
-						return false;
-					}
-    			}
-    		}
-    	}
-    	return true;
-    }
-    
     private boolean setupDhcpForPvlan(boolean add, DomainRouterVO router, Nic nic) {
     	if (!nic.getBroadcastUri().getScheme().equals("pvlan")) {
     		return false;
@@ -2248,7 +2219,7 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
     	if (!add) {
     		op = "delete";
     	}
-    	PvlanSetupCommand cmd = PvlanSetupCommand.createDhcpSetup(op, "xenbr0", nic.getBroadcastUri(), nic.getMacAddress(), nic.getIp4Address());
+    	PvlanSetupCommand cmd = PvlanSetupCommand.createDhcpSetup(op, "xenbr0", nic.getBroadcastUri(), router.getInstanceName(), nic.getMacAddress(), nic.getIp4Address());
     	Commands cmds = new Commands(cmd);
     	// In fact we send command to the host of router, we're not programming router but the host
     	try {
@@ -2260,23 +2231,6 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
     	return true;
     }
     
-    @Override
-    public void setupVmWithDhcpHostForPvlan(boolean add, DomainRouterVO router, NicProfile profile) throws ResourceUnavailableException
-    {
-    	if (!profile.getBroadCastUri().getScheme().equals("pvlan")) {
-    		return;
-    	}
-    	String op = "add";
-    	if (!add) {
-    		op = "delete";
-    	}
-    	NicVO routerNic = _nicDao.findByInstanceIdAndNetworkId(profile.getNetworkId(), router.getId());
-    	PvlanSetupCommand cmd = PvlanSetupCommand.createVmInDhcpHostSetup(op, "xenbr0", profile.getBroadCastUri(), routerNic.getMacAddress(), profile.getMacAddress());
-    	Commands cmds = new Commands(cmd);
-    	// In fact we send command to the host of router, we're not programming router but the host
-    	sendCommandsToRouter(router, cmds);
-    }
-    
     @Override
     public boolean finalizeDeployment(Commands cmds, VirtualMachineProfile<DomainRouterVO> profile, 
             DeployDestination dest, ReservationContext context) throws ResourceUnavailableException {
@@ -2577,7 +2531,7 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
             if (network.getTrafficType() == TrafficType.Guest) {
                 guestNetworks.add(network);
                 if (nic.getBroadcastUri().getScheme().equals("pvlan")) {
-                	result = setupDhcpForPvlanOnHost(true, router, nic);
+                	result = setupDhcpForPvlan(true, router, nic);
                 }
             }
         }
@@ -2615,9 +2569,10 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
             for (Nic nic : routerNics) {
             	Network network = _networkModel.getNetwork(nic.getNetworkId());
             	if (network.getTrafficType() == TrafficType.Guest && nic.getBroadcastUri().getScheme().equals("pvlan")) {
-            		setupDhcpForPvlanOnHost(false, domR, nic);
+            		setupDhcpForPvlan(false, domR, nic);
             	}
             }
+
         }
     }
 
diff --git a/server/test/com/cloud/vpc/MockVpcVirtualNetworkApplianceManager.java b/server/test/com/cloud/vpc/MockVpcVirtualNetworkApplianceManager.java
index 5278b339e19..e86fc09ce2c 100644
--- a/server/test/com/cloud/vpc/MockVpcVirtualNetworkApplianceManager.java
+++ b/server/test/com/cloud/vpc/MockVpcVirtualNetworkApplianceManager.java
@@ -401,12 +401,4 @@ VpcVirtualNetworkApplianceService {
         // TODO Auto-generated method stub
         return null;
     }
-
-	@Override
-	public void setupVmWithDhcpHostForPvlan(boolean add,
-			DomainRouterVO router, NicProfile nic) throws ResourceUnavailableException {
-		// TODO Auto-generated method stub
-		
-	}
-
 }