diff --git a/docs/install-upgrade/config.md b/docs/install-upgrade/config.md
index 8c55be9..a8c4da2 100644
--- a/docs/install-upgrade/config.md
+++ b/docs/install-upgrade/config.md
@@ -6,7 +6,9 @@ The `fab.yaml` file is the configuration file for the fabric. It supplies the co
 ## Typical HHFAB workflows
 
 ### HHFAB for VLAB
+
 For a VLAB user, the typical workflow with hhfab is:
+
 1. `hhfab init --dev`
 1. `hhfab vlab gen`
 1. `hhfab vlab up --kill-stale`
diff --git a/docs/install-upgrade/overview.md b/docs/install-upgrade/overview.md
index f428ea8..a2fdd66 100644
--- a/docs/install-upgrade/overview.md
+++ b/docs/install-upgrade/overview.md
@@ -39,6 +39,7 @@ The main steps to install Fabric are:
 Hedgehog has created a command line utility, called `hhfab`, that helps generate the wiring diagram and fabric configuration, validate the supplied configurations, and generate an installation image (.img) suitable for writing to a USB flash drive or mounting via IPMI virtual media. The first `hhfab` command to run is `hhfab init`. This will generate the main configuration file, `fab.yaml`. `fab.yaml` is responsible for almost every configuration of the fabric with the exception of the wiring. Each command and subcommand have usage messages, simply supply the `-h` flag to your command or sub command to see the available options. For example `hhfab vlab -h` and `hhfab vlab gen -h`.
 
 ### HHFAB commands to make a bootable image
+
 1. `hhfab init --wiring wiring-lab.yaml`
 1. The `init` command generates a `fab.yaml` file, edit the `fab.yaml` file for your needs
     1. ensure the correct boot disk (e.g. `/dev/sda`) and control node NIC names are supplied
diff --git a/docs/vlab/demo.md b/docs/vlab/demo.md
index 64d727c..3c65102 100644
--- a/docs/vlab/demo.md
+++ b/docs/vlab/demo.md
@@ -86,7 +86,8 @@ graph TD
     L1 & L2 & L2 & L3 & L4 & L5 <----> S1 & S2
 ```
 
-## Creating and attaching VPCs
+## Manual VPC creation
+### Creating and attaching VPCs
 
 You can create and attach VPCs to the VMs using the `kubectl fabric vpc` command on the Control Node or outside of the
 cluster using the kubeconfig. For example, run the following commands to create 2 VPCs with a single subnet each, a DHCP
@@ -138,7 +139,7 @@ spine-02   spine         VS-05           18m       4          4          v0.23.0
 In this example, the values in columns `APPLIEDG` and `CURRENTG` are equal which means that the requested configuration
 has been applied.
 
-## Setting up networking on test servers
+### Setting up networking on test servers
 
 You can use `hhfab vlab ssh` on the host to SSH into the test servers and configure networking there. For example, for
 both `server-01` (MCLAG attached to both `leaf-01` and `leaf-02`) we need to configure a bond with a VLAN on top of it
@@ -194,7 +195,7 @@ core@server-02 ~ $ ip a
        valid_lft forever preferred_lft forever
 ```
 
-## Testing connectivity before peering
+### Testing connectivity before peering
 
 You can test connectivity between the servers before peering the switches using the `ping` command:
 
@@ -220,7 +221,7 @@ From 10.0.2.1 icmp_seq=3 Destination Net Unreachable
 3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 2004ms
 ```
 
-## Peering VPCs and testing connectivity
+### Peering VPCs and testing connectivity
 
 To enable connectivity between the VPCs, peer them using `kubectl fabric vpc peer`:
 
@@ -293,6 +294,118 @@ From 10.0.1.1 icmp_seq=3 Destination Net Unreachable
     3 packets transmitted, 3 received, +3 duplicates, 0% packet loss, time 2003ms
     rtt min/avg/max/mdev = 6.987/8.720/9.595/1.226 ms
     ```
+## Utility based VPC creation
+
+### Setup VPCs
+`hhfab vlab` includes a utility to create VPCs in vlab. This utility is a `hhfab vlab` sub-command. `hhfab vlab setup-vpcs`.
+
+```console
+NAME:
+   hhfab vlab setup-vpcs - setup VPCs and VPCAttachments for all servers and configure networking on them
+
+USAGE:
+   hhfab vlab setup-vpcs [command options]
+
+OPTIONS:
+   --dns-servers value, --dns value [ --dns-servers value, --dns value ]    DNS servers for VPCs advertised by DHCP
+   --force-clenup, -f                                                       start with removing all existing VPCs and VPCAttachments (default: false)
+   --help, -h                                                               show help
+   --interface-mtu value, --mtu value                                       interface MTU for VPCs advertised by DHCP (default: 0)
+   --ipns value                                                             IPv4 namespace for VPCs (default: "default")
+   --name value, -n value                                                   name of the VM or HW to access
+   --servers-per-subnet value, --servers value                              number of servers per subnet (default: 1)
+   --subnets-per-vpc value, --subnets value                                 number of subnets per VPC (default: 1)
+   --time-servers value, --ntp value [ --time-servers value, --ntp value ]  Time servers for VPCs advertised by DHCP
+   --vlanns value                                                           VLAN namespace for VPCs (default: "default")
+   --wait-switches-ready, --wait                                            wait for switches to be ready before and after configuring VPCs and VPCAttachments (default: true)
+
+   Global options:
+
+   --brief, -b      brief output (only warn and error) (default: false) [$HHFAB_BRIEF]
+   --cache-dir DIR  use cache dir DIR for caching downloaded files (default: "/home/ubuntu/.hhfab-cache") [$HHFAB_CACHE_DIR]
+   --verbose, -v    verbose output (includes debug) (default: false) [$HHFAB_VERBOSE]
+   --workdir PATH   run as if hhfab was started in PATH instead of the current working directory (default: "/home/ubuntu") [$HHFAB_WORK_DIR]
+```
+
+### Setup Peering
+`hhfab vlab` includes a utility to create VPC peerings in VLAB. This utility is a `hhfab vlab` sub-command. `hhfab vlab setup-peerings`.
+
+```console
+NAME:
+   hhfab vlab setup-peerings - setup VPC and External Peerings per requests (remove all if empty)
+
+USAGE:
+   Setup test scenario with VPC/External Peerings by specifying requests in the format described below.
+
+   Example command:
+
+   $ hhfab vlab setup-peerings 1+2 2+4:r=border 1~as5835 2~as5835:subnets=sub1,sub2:prefixes=0.0.0.0/0,22.22.22.0/24
+
+   Which will produce:
+   1. VPC peering between vpc-01 and vpc-02
+   2. Remote VPC peering between vpc-02 and vpc-04 on switch group named border
+   3. External peering for vpc-01 with External as5835 with default vpc subnet and any routes from external permitted
+   4. External peering for vpc-02 with External as5835 with subnets sub1 and sub2 exposed from vpc-02 and default route
+      from external permitted as well any route that belongs to 22.22.22.0/24
+
+   VPC Peerings:
+
+   1+2 -- VPC peering between vpc-01 and vpc-02
+   demo-1+demo-2 -- VPC peering between demo-1 and demo-2
+   1+2:r -- remote VPC peering between vpc-01 and vpc-02 on switch group if only one switch group is present
+   1+2:r=border -- remote VPC peering between vpc-01 and vpc-02 on switch group named border
+   1+2:remote=border -- same as above
+
+   External Peerings:
+
+   1~as5835 -- external peering for vpc-01 with External as5835
+   1~ -- external peering for vpc-1 with external if only one external is present for ipv4 namespace of vpc-01, allowing
+     default subnet and any route from external
+   1~:subnets=default@prefixes=0.0.0.0/0 -- external peering for vpc-1 with auth external with default vpc subnet and
+     default route from external permitted
+   1~as5835:subnets=default,other:prefixes=0.0.0.0/0_le32_ge32,22.22.22.0/24 -- same but with more details
+   1~as5835:s=default,other:p=0.0.0.0/0_le32_ge32,22.22.22.0/24 -- same as above
+
+OPTIONS:
+   --help, -h                     show help
+   --name value, -n value         name of the VM or HW to access
+   --wait-switches-ready, --wait  wait for switches to be ready before before and after configuring peerings (default: true)
+
+   Global options:
+
+   --brief, -b      brief output (only warn and error) (default: false) [$HHFAB_BRIEF]
+   --cache-dir DIR  use cache dir DIR for caching downloaded files (default: "/home/ubuntu/.hhfab-cache") [$HHFAB_CACHE_DIR]
+   --verbose, -v    verbose output (includes debug) (default: false) [$HHFAB_VERBOSE]
+   --workdir PATH   run as if hhfab was started in PATH instead of the current working directory (default: "/home/ubuntu") [$HHFAB_WORK_DIR]
+```
+
+### Test Connectivity
+`hhfab vlab` includes a utility to test connectivity between servers inside VLAB. This utility is a `hhfab vlab` sub-command. `hhfab vlab test-connectivity`.
+
+```console
+NAME:
+   hhfab vlab test-connectivity - test connectivity between all servers
+
+USAGE:
+   hhfab vlab test-connectivity [command options]
+
+OPTIONS:
+   --curls value                  number of curl tests to run for each server to test external connectivity (0 to disable) (default: 3)
+   --help, -h                     show help
+   --iperfs value                 seconds of iperf3 test to run between each pair of reachable servers (0 to disable) (default: 10)
+   --iperfs-speed value           minimum speed in Mbits/s for iperf3 test to consider successful (0 to not check speeds) (default: 7000)
+   --name value, -n value         name of the VM or HW to access
+   --pings value                  number of pings to send between each pair of servers (0 to disable) (default: 5)
+   --wait-switches-ready, --wait  wait for switches to be ready before testing connectivity (default: true)
+
+   Global options:
+
+   --brief, -b      brief output (only warn and error) (default: false) [$HHFAB_BRIEF]
+   --cache-dir DIR  use cache dir DIR for caching downloaded files (default: "/home/ubuntu/.hhfab-cache") [$HHFAB_CACHE_DIR]
+   --verbose, -v    verbose output (includes debug) (default: false) [$HHFAB_VERBOSE]
+   --workdir PATH   run as if hhfab was started in PATH instead of the current working directory (default: "/home/ubuntu") [$HHFAB_WORK_DIR]
+
+```
 
 ## Using VPCs with overlapping subnets