diff --git a/api/src/com/cloud/exception/PermissionDeniedException.java b/api/src/com/cloud/exception/PermissionDeniedException.java
index 0dba3039654..70d3971885d 100644
--- a/api/src/com/cloud/exception/PermissionDeniedException.java
+++ b/api/src/com/cloud/exception/PermissionDeniedException.java
@@ -17,6 +17,10 @@
  */
 package com.cloud.exception;
 
+import java.util.List;
+
+import com.cloud.acl.ControlledEntity;
+import com.cloud.user.Account;
 import com.cloud.utils.SerialVersionUID;
 import com.cloud.utils.exception.CloudRuntimeException;
 
@@ -35,5 +39,30 @@ public class PermissionDeniedException extends CloudRuntimeException {
 	protected PermissionDeniedException() {
 	    super();
 	}
-
+	
+	List<? extends ControlledEntity> violations;
+	Account account;
+	
+	public PermissionDeniedException(String message, Account account, List<? extends ControlledEntity> violations) {
+	    super(message);
+	    this.violations = violations;
+	    this.account = account;
+	}
+	
+	public Account getAccount() {
+	    return account;
+	}
+	
+	public List<? extends ControlledEntity> getEntitiesInViolation() {
+	    return violations;
+	}
+	
+	public void addDetails(Account account, List<? extends ControlledEntity> violations) {
+	    this.account = account;
+	    this.violations = violations;
+	}
+	
+	public void addViolations(List<? extends ControlledEntity> violations) {
+	    this.violations = violations;
+	}
 }
diff --git a/core/src/com/cloud/dc/DataCenterVnetVO.java b/core/src/com/cloud/dc/DataCenterVnetVO.java
index 40da1097200..6b926f5baf7 100755
--- a/core/src/com/cloud/dc/DataCenterVnetVO.java
+++ b/core/src/com/cloud/dc/DataCenterVnetVO.java
@@ -35,7 +35,7 @@ public class DataCenterVnetVO {
     @Id
     @GeneratedValue(strategy=GenerationType.IDENTITY)
     @Column(name="id")
-    Long id;
+    long id;
     
     @Column(name="taken", nullable=true)
     @Temporal(value=TemporalType.TIMESTAMP)
@@ -50,6 +50,9 @@ public class DataCenterVnetVO {
     @Column(name="account_id")
     protected Long accountId;
     
+    @Column(name="reservation_id")
+    protected String reservationId;
+    
     public Date getTakenAt() {
         return takenAt;
     }
@@ -64,7 +67,7 @@ public class DataCenterVnetVO {
         this.takenAt = null;
     }
     
-    public Long getId() {
+    public long getId() {
         return id;
     }
     
@@ -72,6 +75,14 @@ public class DataCenterVnetVO {
         return vnet;
     }
     
+    public String getReservationId() {
+        return reservationId;
+    }
+    
+    public void setReservationId(String reservationId) {
+        this.reservationId = reservationId;
+    }
+    
     public Long getAccountId() {
     	return accountId;
     }
diff --git a/core/src/com/cloud/dc/dao/DataCenterDao.java b/core/src/com/cloud/dc/dao/DataCenterDao.java
index a55dfcb8ee3..66a21d0b727 100644
--- a/core/src/com/cloud/dc/dao/DataCenterDao.java
+++ b/core/src/com/cloud/dc/dao/DataCenterDao.java
@@ -35,9 +35,9 @@ public interface DataCenterDao extends GenericDao<DataCenterVO, Long> {
     String[] getNextAvailableMacAddressPair(long id, long mask);
     String allocatePrivateIpAddress(long id, long podId, long instanceId, String reservationId);
     String allocateLinkLocalIpAddress(long id, long podId, long instanceId, String reservationId);
-    String allocateVnet(long dcId, long accountId);
+    String allocateVnet(long dcId, long accountId, String reservationId);
     
-    void releaseVnet(String vnet, long dcId, long accountId);
+    void releaseVnet(String vnet, long dcId, long accountId, String reservationId);
     void releasePrivateIpAddress(String ipAddress, long dcId, Long instanceId);
     void releasePrivateIpAddress(long nicId, String reservationId);
     void releaseLinkLocalIpAddress(String ipAddress, long dcId, Long instanceId);
diff --git a/core/src/com/cloud/dc/dao/DataCenterDaoImpl.java b/core/src/com/cloud/dc/dao/DataCenterDaoImpl.java
index 43c817eaf2f..8745ed96484 100644
--- a/core/src/com/cloud/dc/dao/DataCenterDaoImpl.java
+++ b/core/src/com/cloud/dc/dao/DataCenterDaoImpl.java
@@ -94,8 +94,8 @@ public class DataCenterDaoImpl extends GenericDaoBase<DataCenterVO, Long> implem
     }
 
     @Override
-    public void releaseVnet(String vnet, long dcId, long accountId) {
-        _vnetAllocDao.release(vnet, dcId, accountId);
+    public void releaseVnet(String vnet, long dcId, long accountId, String reservationId) {
+        _vnetAllocDao.release(vnet, dcId, accountId, reservationId);
     }
     
     @Override
@@ -134,8 +134,8 @@ public class DataCenterDaoImpl extends GenericDaoBase<DataCenterVO, Long> implem
     }
 
     @Override
-    public String allocateVnet(long dataCenterId, long accountId) {
-        DataCenterVnetVO vo = _vnetAllocDao.take(dataCenterId, accountId);
+    public String allocateVnet(long dataCenterId, long accountId, String reservationId) {
+        DataCenterVnetVO vo = _vnetAllocDao.take(dataCenterId, accountId, reservationId);
         if (vo == null) {
             return null;
         }
diff --git a/core/src/com/cloud/dc/dao/DataCenterVnetDaoImpl.java b/core/src/com/cloud/dc/dao/DataCenterVnetDaoImpl.java
index da628ac55f4..efd1248b5f8 100755
--- a/core/src/com/cloud/dc/dao/DataCenterVnetDaoImpl.java
+++ b/core/src/com/cloud/dc/dao/DataCenterVnetDaoImpl.java
@@ -23,6 +23,7 @@ import java.util.Date;
 import java.util.List;
 
 import com.cloud.dc.DataCenterVnetVO;
+import com.cloud.utils.db.DB;
 import com.cloud.utils.db.GenericDao;
 import com.cloud.utils.db.GenericDaoBase;
 import com.cloud.utils.db.SearchBuilder;
@@ -34,6 +35,7 @@ import com.cloud.utils.exception.CloudRuntimeException;
  * DataCenterVnetDaoImpl maintains the one-to-many relationship between
  * data center and the vnet that appears within its network.
  */
+@DB(txn=false)
 public class DataCenterVnetDaoImpl extends GenericDaoBase<DataCenterVnetVO, Long> implements GenericDao<DataCenterVnetVO, Long> {
     private final SearchBuilder<DataCenterVnetVO> FreeVnetSearch;
     private final SearchBuilder<DataCenterVnetVO> VnetDcSearch;
@@ -53,6 +55,7 @@ public class DataCenterVnetDaoImpl extends GenericDaoBase<DataCenterVnetVO, Long
     	return listBy(sc);
     }
     
+    @DB
     public void add(long dcId, int start, int end) {
         String insertVnet = "INSERT INTO `cloud`.`op_dc_vnet_alloc` (vnet, data_center_id) VALUES ( ?, ?)";
         
@@ -73,46 +76,38 @@ public class DataCenterVnetDaoImpl extends GenericDaoBase<DataCenterVnetVO, Long
     }
     
     public void delete(long dcId) {
-    	String deleteVnet = "DELETE FROM `cloud`.`op_dc_vnet_alloc` WHERE data_center_id = ?";
-
-        Transaction txn = Transaction.currentTxn();
-        try {
-            PreparedStatement stmt = txn.prepareAutoCloseStatement(deleteVnet);
-            stmt.setLong(1, dcId);
-            stmt.executeUpdate();
-        } catch (SQLException e) {
-        	throw new CloudRuntimeException("Exception caught deleting vnet ", e);
-        }
+        SearchCriteria<DataCenterVnetVO> sc = VnetDcSearch.create();
+        sc.setParameters("dc", dcId);
+        
+        remove(sc);
     }
 
-    public DataCenterVnetVO take(long dcId, long accountId) {
+    @DB
+    public DataCenterVnetVO take(long dcId, long accountId, String reservationId) {
         SearchCriteria<DataCenterVnetVO> sc = FreeVnetSearch.create();
         sc.setParameters("dc", dcId);
         Date now = new Date();
         Transaction txn = Transaction.currentTxn();
-        try {
-            txn.start();
-            DataCenterVnetVO vo = lockOneRandomRow(sc, true);
-            if (vo == null) {
-                return null;
-            }
-
-            vo.setTakenAt(now);
-            vo.setAccountId(accountId);
-            update(vo.getId(), vo);
-            txn.commit();
-            return vo;
-
-        } catch (Exception e) {
-            throw new CloudRuntimeException("Caught Exception ", e);
+        txn.start();
+        DataCenterVnetVO vo = lockOneRandomRow(sc, true);
+        if (vo == null) {
+            return null;
         }
+
+        vo.setTakenAt(now);
+        vo.setAccountId(accountId);
+        vo.setReservationId(reservationId);
+        update(vo.getId(), vo);
+        txn.commit();
+        return vo;
     }
 
-    public void release(String vnet, long dcId, long accountId) {
+    public void release(String vnet, long dcId, long accountId, String reservationId) {
         SearchCriteria<DataCenterVnetVO> sc = VnetDcSearchAllocated.create();
         sc.setParameters("vnet", vnet);
         sc.setParameters("dc", dcId);
         sc.setParameters("account", accountId);
+        sc.setParameters("reservation", reservationId);
 
         DataCenterVnetVO vo = findOneIncludingRemovedBy(sc);
         if (vo == null) {
@@ -121,6 +116,7 @@ public class DataCenterVnetDaoImpl extends GenericDaoBase<DataCenterVnetVO, Long
 
         vo.setTakenAt(null);
         vo.setAccountId(null);
+        vo.setReservationId(null);
         update(vo.getId(), vo);
     }
 
@@ -146,6 +142,7 @@ public class DataCenterVnetDaoImpl extends GenericDaoBase<DataCenterVnetVO, Long
         VnetDcSearchAllocated.and("dc", VnetDcSearchAllocated.entity().getDataCenterId(), SearchCriteria.Op.EQ);
         VnetDcSearchAllocated.and("taken", VnetDcSearchAllocated.entity().getTakenAt(), SearchCriteria.Op.NNULL);
         VnetDcSearchAllocated.and("account", VnetDcSearchAllocated.entity().getAccountId(), SearchCriteria.Op.EQ);
+        VnetDcSearchAllocated.and("reservation", VnetDcSearchAllocated.entity().getReservationId(), SearchCriteria.Op.EQ);
         VnetDcSearchAllocated.done();
     }
 }
diff --git a/core/src/com/cloud/network/BasicVirtualNetworkAllocator.java b/core/src/com/cloud/network/BasicVirtualNetworkAllocator.java
index 7a157114917..831708c65e2 100644
--- a/core/src/com/cloud/network/BasicVirtualNetworkAllocator.java
+++ b/core/src/com/cloud/network/BasicVirtualNetworkAllocator.java
@@ -39,12 +39,12 @@ public class BasicVirtualNetworkAllocator implements VirtualNetworkAllocator {
 
     @Override
     public String allocateTag(AccountVO account, HostVO host, VMInstanceVO vm, ServiceOfferingVO so) {
-        return _dcDao.allocateVnet(host.getDataCenterId(), account.getId());
+        return _dcDao.allocateVnet(host.getDataCenterId(), account.getId(), null);
     }
 
     @Override
     public void releaseTag(String tag, HostVO host, AccountVO account, VMInstanceVO vm) {
-        _dcDao.releaseVnet(tag, host.getDataCenterId(), account.getId());
+        _dcDao.releaseVnet(tag, host.getDataCenterId(), account.getId(), null);
     }
 
     @Override
diff --git a/server/src/com/cloud/acl/DomainChecker.java b/server/src/com/cloud/acl/DomainChecker.java
index f8e989e8d3f..7a5eceaa966 100644
--- a/server/src/com/cloud/acl/DomainChecker.java
+++ b/server/src/com/cloud/acl/DomainChecker.java
@@ -88,7 +88,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
             
             return true;
         } else {
-            return false;
+            return true;
         }
     }
 
diff --git a/server/src/com/cloud/network/DomainRouterService.java b/server/src/com/cloud/network/DomainRouterService.java
index 8f76f8d8865..51ca6e4f314 100644
--- a/server/src/com/cloud/network/DomainRouterService.java
+++ b/server/src/com/cloud/network/DomainRouterService.java
@@ -17,10 +17,15 @@
  */
 package com.cloud.network;
 
+import com.cloud.api.commands.StartRouter2Cmd;
 import com.cloud.api.commands.StartRouterCmd;
+import com.cloud.api.commands.StopRouter2Cmd;
 import com.cloud.api.commands.StopRouterCmd;
+import com.cloud.exception.ConcurrentOperationException;
+import com.cloud.exception.InsufficientCapacityException;
 import com.cloud.exception.InvalidParameterValueException;
 import com.cloud.exception.PermissionDeniedException;
+import com.cloud.exception.ResourceUnavailableException;
 import com.cloud.utils.component.Manager;
 import com.cloud.vm.DomainRouter;
 
@@ -40,4 +45,16 @@ public interface DomainRouterService extends Manager {
      * @throws InvalidParameterValueException, PermissionDeniedException
      */
     DomainRouter stopRouter(StopRouterCmd cmd);
+    
+    DomainRouter startRouter(StartRouter2Cmd cmd) throws ResourceUnavailableException, InsufficientCapacityException, ConcurrentOperationException;
+    
+    /**
+     * Stops domain router
+     * @param cmd the command specifying router's id
+     * @return router if successful, null otherwise
+     * @throws ConcurrentOperationException 
+     * @throws ResourceUnavailableException 
+     * @throws InvalidParameterValueException, PermissionDeniedException
+     */
+    DomainRouter stopRouter(StopRouter2Cmd cmd) throws ResourceUnavailableException, ConcurrentOperationException;
 }
diff --git a/server/src/com/cloud/network/configuration/GuestNetworkGuru.java b/server/src/com/cloud/network/configuration/GuestNetworkGuru.java
index e5da624e2ab..ec13b100fd1 100644
--- a/server/src/com/cloud/network/configuration/GuestNetworkGuru.java
+++ b/server/src/com/cloud/network/configuration/GuestNetworkGuru.java
@@ -133,7 +133,7 @@ public class GuestNetworkGuru extends AdapterBase implements NetworkGuru {
         NetworkConfigurationVO implemented = new NetworkConfigurationVO(config.getTrafficType(), config.getGuestType(), config.getMode(), config.getBroadcastDomainType(), config.getNetworkOfferingId(), config.getDataCenterId());
         
         if (config.getBroadcastUri() == null) {
-            String vnet = _dcDao.allocateVnet(dcId, config.getAccountId());
+            String vnet = _dcDao.allocateVnet(dcId, config.getAccountId(), context.getReservationId());
             implemented.setBroadcastUri(BroadcastDomainType.Vlan.toUri(vnet));
         } else {
             implemented.setBroadcastUri(config.getBroadcastUri());
diff --git a/server/src/com/cloud/network/router/DomainRouterManagerImpl.java b/server/src/com/cloud/network/router/DomainRouterManagerImpl.java
index 75cdc773a2d..8adea84dcc0 100644
--- a/server/src/com/cloud/network/router/DomainRouterManagerImpl.java
+++ b/server/src/com/cloud/network/router/DomainRouterManagerImpl.java
@@ -59,7 +59,9 @@ import com.cloud.agent.api.routing.VpnUsersCfgCommand;
 import com.cloud.agent.manager.Commands;
 import com.cloud.alert.AlertManager;
 import com.cloud.api.commands.RebootRouterCmd;
+import com.cloud.api.commands.StartRouter2Cmd;
 import com.cloud.api.commands.StartRouterCmd;
+import com.cloud.api.commands.StopRouter2Cmd;
 import com.cloud.api.commands.StopRouterCmd;
 import com.cloud.api.commands.UpgradeRouterCmd;
 import com.cloud.async.AsyncJobExecutor;
@@ -144,6 +146,7 @@ import com.cloud.user.AccountVO;
 import com.cloud.user.User;
 import com.cloud.user.UserContext;
 import com.cloud.user.UserStatisticsVO;
+import com.cloud.user.UserVO;
 import com.cloud.user.dao.AccountDao;
 import com.cloud.user.dao.UserDao;
 import com.cloud.user.dao.UserStatisticsDao;
@@ -878,7 +881,7 @@ public class DomainRouterManagerImpl implements DomainRouterManager, DomainRoute
 	                if(USE_POD_VLAN){
 	                    vnet = _dcDao.allocatePodVlan(router.getPodId(), router.getAccountId());
 	                } else {
-	                    vnet = _dcDao.allocateVnet(router.getDataCenterId(), router.getAccountId());
+	                    vnet = _dcDao.allocateVnet(router.getDataCenterId(), router.getAccountId(), null);
 	                }
 	                vnetAllocated = true;
 	                if(vnet != null){
@@ -1063,7 +1066,7 @@ public class DomainRouterManagerImpl implements DomainRouterManager, DomainRoute
                 Transaction txn = Transaction.currentTxn();
                 txn.start();
                 if (vnetAllocated == true && vnet != null) {
-                    _dcDao.releaseVnet(vnet, router.getDataCenterId(), router.getAccountId());
+                    _dcDao.releaseVnet(vnet, router.getDataCenterId(), router.getAccountId(), null);
                 }
 
                 router.setVnet(null);
@@ -1562,7 +1565,7 @@ public class DomainRouterManagerImpl implements DomainRouterManager, DomainRoute
         try {
             txn.start();
             if (_vmDao.listBy(routerId, State.Starting, State.Running).size() == 0) {
-                _dcDao.releaseVnet(router.getVnet(), router.getDataCenterId(), router.getAccountId());
+                _dcDao.releaseVnet(router.getVnet(), router.getDataCenterId(), router.getAccountId(), null);
             }
 
             router.setVnet(null);
@@ -1955,7 +1958,7 @@ public class DomainRouterManagerImpl implements DomainRouterManager, DomainRoute
 
     @Override
     public String createZoneVlan(DomainRouterVO router) {
-        String zoneVlan = _dcDao.allocateVnet(router.getDataCenterId(), router.getAccountId());
+        String zoneVlan = _dcDao.allocateVnet(router.getDataCenterId(), router.getAccountId(), null);
         final DataCenterVO dc = _dcDao.findById(router.getDataCenterId());
         router.setZoneVlan(zoneVlan);
         router.setGuestZoneMacAddress(getRouterMacForZoneVlan(dc, zoneVlan));
@@ -2338,4 +2341,60 @@ public class DomainRouterManagerImpl implements DomainRouterManager, DomainRoute
         
         return _routerDao.findById(VirtualMachineName.getRouterId(name));
     }
+    
+    @Override
+    public DomainRouter startRouter(StartRouter2Cmd cmd) throws ResourceUnavailableException, InsufficientCapacityException, ConcurrentOperationException {
+        Long routerId = cmd.getId();
+        Account account = UserContext.current().getAccount();
+        
+        //verify parameters
+        DomainRouterVO router = _routerDao.findById(routerId);
+        if (router == null) {
+            throw new PermissionDeniedException ("Unable to start router with id " + routerId + ". Permisssion denied");
+        }
+        _accountMgr.checkAccess(account, router);
+        
+        long eventId = EventUtils.saveScheduledEvent(User.UID_SYSTEM, Account.ACCOUNT_ID_SYSTEM, EventTypes.EVENT_ROUTER_START, "starting Router with Id: "+routerId);
+        UserVO user = _userDao.findById(UserContext.current().getUserId());
+        return this.start(router, user, account);
+    }
+    
+    /**
+     * Stops domain router
+     * @param cmd the command specifying router's id
+     * @return router if successful, null otherwise
+     * @throws OperationTimedoutException 
+     * @throws ConcurrentOperationException 
+     * @throws ResourceUnavailableException 
+     * @throws InvalidParameterValueException, PermissionDeniedException
+     */
+    @Override
+    public DomainRouter stopRouter(StopRouter2Cmd cmd) throws ResourceUnavailableException, ConcurrentOperationException {
+        Long routerId = cmd.getId();
+        Account account = UserContext.current().getAccount();
+
+        // verify parameters
+        DomainRouterVO router = _routerDao.findById(routerId);
+        if (router == null) {
+            throw new PermissionDeniedException ("Unable to stop router with id " + routerId + ". Permission denied.");
+        }
+
+        _accountMgr.checkAccess(account, router);
+        
+        long eventId = EventUtils.saveScheduledEvent(User.UID_SYSTEM, Account.ACCOUNT_ID_SYSTEM, EventTypes.EVENT_ROUTER_STOP, "stopping Router with Id: "+routerId);
+        
+        UserVO user = _userDao.findById(UserContext.current().getUserId());
+
+        try {
+            if (!_itMgr.stop(router, user, account)) {
+                return null;
+            }
+        } catch (AgentUnavailableException e) {
+            throw new ResourceUnavailableException("Unable to reach the server to stop the vm", e);
+        } catch (OperationTimedoutException e) {
+            throw new ResourceUnavailableException("Stop operation timed out", e);
+        }
+        
+        return router;
+    }
 }
diff --git a/server/src/com/cloud/user/AccountManagerImpl.java b/server/src/com/cloud/user/AccountManagerImpl.java
index f0a3943d4ca..d9697660429 100644
--- a/server/src/com/cloud/user/AccountManagerImpl.java
+++ b/server/src/com/cloud/user/AccountManagerImpl.java
@@ -19,6 +19,7 @@
 package com.cloud.user;
 
 import java.util.ArrayList;
+import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
@@ -664,7 +665,14 @@ public class AccountManagerImpl implements AccountManager, AccountService {
     
     @Override
     public void checkAccess(Account caller, ControlledEntity... entities) {
+        HashMap<Long, List<ControlledEntity>> domains = new HashMap<Long, List<ControlledEntity>>();
+        
         for (ControlledEntity entity : entities) {
+            List<ControlledEntity> toBeChecked = domains.get(entity.getDomainId());
+            if (toBeChecked == null) {
+                toBeChecked = new ArrayList<ControlledEntity>();
+            }
+            toBeChecked.add(entity);
             boolean granted = false;
             for (SecurityChecker checker : _securityCheckers) {
                 if (checker.checkAccess(caller, entity)) {
@@ -681,6 +689,21 @@ public class AccountManagerImpl implements AccountManager, AccountService {
                 throw new PermissionDeniedException("There's no way to confirm " + caller + " has access to " + entity);
             }
         }
+        
+        for (Map.Entry<Long, List<ControlledEntity>> domain : domains.entrySet()) {
+            for (SecurityChecker checker : _securityCheckers) {
+                Domain d = _domainDao.findById(domain.getKey());
+                if (d == null || d.getRemoved() != null) {
+                    throw new PermissionDeniedException("Domain is not found.", caller, domain.getValue());
+                }
+                try {
+                    checker.checkAccess(caller, d);
+                } catch (PermissionDeniedException e) {
+                    e.addDetails(caller, domain.getValue());
+                    throw e;
+                }
+            }
+        }
     }
  
     
diff --git a/server/src/com/cloud/vm/UserVmManagerImpl.java b/server/src/com/cloud/vm/UserVmManagerImpl.java
index 0682232f665..327113d47b8 100755
--- a/server/src/com/cloud/vm/UserVmManagerImpl.java
+++ b/server/src/com/cloud/vm/UserVmManagerImpl.java
@@ -2131,7 +2131,7 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, VirtualM
             if ((vm.getDomainRouterId() != null) && _vmDao.listBy(vm.getDomainRouterId(), State.Starting, State.Running).size() == 0) {
             	DomainRouterVO router = _routerDao.findById(vm.getDomainRouterId());
             	if (router.getState().equals(State.Stopped)) {
-            		_dcDao.releaseVnet(vnet, router.getDataCenterId(), router.getAccountId());
+            		_dcDao.releaseVnet(vnet, router.getDataCenterId(), router.getAccountId(), null);
             	}
             }
             
diff --git a/setup/db/create-schema.sql b/setup/db/create-schema.sql
index 05587b73f56..91c0e1276e0 100755
--- a/setup/db/create-schema.sql
+++ b/setup/db/create-schema.sql
@@ -393,6 +393,7 @@ CREATE TABLE `cloud`.`op_dc_ip_address_alloc` (
   `data_center_id` bigint unsigned NOT NULL COMMENT 'data center it belongs to',
   `pod_id` bigint unsigned NOT NULL COMMENT 'pod it belongs to',
   `instance_id` bigint unsigned NULL COMMENT 'instance id',
+  `reservation_id` char(40) NULL COMMENT 'reservation id',
   `taken` datetime COMMENT 'Date taken',
   PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
@@ -424,6 +425,7 @@ CREATE TABLE `cloud`.`op_dc_vnet_alloc` (
     `id` bigint unsigned NOT NULL AUTO_INCREMENT COMMENT 'primary id',
     `vnet` varchar(18) NOT NULL COMMENT 'vnet',
     `data_center_id` bigint unsigned NOT NULL COMMENT 'data center the vnet belongs to',
+    `reservation_id` char(40) NULL COMMENT 'reservation id',
     `account_id` bigint unsigned NULL COMMENT 'account the vnet belongs to right now',
     `taken` datetime COMMENT 'Date taken',
     PRIMARY KEY (`id`)