diff --git a/apps/nse-remote-vlan/nse-remote-vlan.yaml b/apps/nse-remote-vlan/nse-remote-vlan.yaml
index e6ea5907d047..59c75c61e8c4 100644
--- a/apps/nse-remote-vlan/nse-remote-vlan.yaml
+++ b/apps/nse-remote-vlan/nse-remote-vlan.yaml
@@ -21,7 +21,6 @@ spec:
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 5003
-              hostPort: 5003
           env:
             - name: SPIFFE_ENDPOINT_SOCKET
               value: unix:///run/spire/sockets/agent.sock
@@ -29,14 +28,6 @@ spec:
               valueFrom:
                 fieldRef:
                   fieldPath: metadata.name
-            - name: NSM_CONNECT_TO
-              value: "registry:5002"
-            - name: NSM_SERVICES
-              value: "finance-bridge { vlan: 100; via: gw1}"
-            - name: NSM_CIDR_PREFIX
-              value: "172.10.0.0/24"
-            - name: NSM_IPV6_PREFIX
-              value: "100:200::/64"
             - name: NSM_POINT2POINT
               value: "False"
             - name: NSM_REGISTER_SERVICE
diff --git a/examples/remotevlan/README.md b/examples/remotevlan/README.md
index 0c24805af1e6..7560f9abc450 100644
--- a/examples/remotevlan/README.md
+++ b/examples/remotevlan/README.md
@@ -1,6 +1,6 @@
 # NSM Remote Vlan Examples
 
-This setup can be used to check remote vlan mechanism. Contain basic setup for NSM that includes `nsmgr`, `registry-k8s`, `admission-webhook-k8s`, `nse-remote-vlan`. The `nse-remote-vlan` belongs to the nsm-system since does not have role in data-plane connection.
+This setup can be used to check remote vlan mechanism with both OVS and VPP forwarder. Contain basic setup for NSM that includes `nsmgr`, `registry-k8s`, `admission-webhook-k8s`, `nse-remote-vlan`. The `nse-remote-vlan` belongs to the nsm-system since does not have role in data-plane connection.
 
 ## Requires
 
@@ -8,73 +8,100 @@ This setup can be used to check remote vlan mechanism. Contain basic setup for N
 
 ## Includes
 
+- [Remote VLAN mechanism using forwarder-ovs](./rvlanovs)
 - [Remote VLAN mechanism using forwarder-vpp](./rvlanvpp)
 
 ## Run
 
-1. Create secondary bridge network and connect kind-worker nodes:
-
-    ```bash
-    docker network create bridge-2
-    docker network connect bridge-2 kind-worker
-    docker network connect bridge-2 kind-worker2
-    ```
-
-2. Rename the newly generated interface to eth1 in both kind-workers:
-
-    ```bash
-    ifw1=$(echo $(docker exec kind-worker ip link | tail -2 | head -1) | cut -f1 -d"@" | cut -f2 -d" ")
-    docker exec kind-worker ip link set $ifw1 down
-    docker exec kind-worker ip link set $ifw1 name eth1
-    docker exec kind-worker ip link set eth1 up
-    ifw2=$(echo $(docker exec kind-worker2 ip link | tail -2 | head -1) | cut -f1 -d"@" | cut -f2 -d" ")
-    docker exec kind-worker2 ip link set $ifw2 down
-    docker exec kind-worker2 ip link set $ifw2 name eth1
-    docker exec kind-worker2 ip link set eth1 up
-    ```
-
-3. Create ns for deployments:
-
-    ```bash
-    kubectl create ns nsm-system
-    ```
-
-4. Apply NSM resources for basic tests:
-
-    ```bash
-    kubectl apply -k .
-    ```
-
-5. Wait for NSE application:
-
-    ```bash
-    kubectl -n nsm-system wait --for=condition=ready --timeout=2m pod -l app=nse-remote-vlan
-    ```
-
-6. Wait for admission-webhook-k8s:
-
-    ```bash
-    WH=$(kubectl get pods -l app=admission-webhook-k8s -n nsm-system --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
-    kubectl wait --for=condition=ready --timeout=1m pod ${WH} -n nsm-system
-    ```
+Create secondary bridge network and connect kind-worker nodes:
+
+```bash
+docker network create bridge-2
+docker network connect bridge-2 kind-worker
+docker network connect bridge-2 kind-worker2
+```
+
+Rename the newly generated interface to eth1 in both kind-workers:
+
+```bash
+ifw1=$(echo $(docker exec kind-worker ip link | tail -2 | head -1) | cut -f1 -d"@" | cut -f2 -d" ")
+docker exec kind-worker ip link set $ifw1 down
+docker exec kind-worker ip link set $ifw1 name eth1
+docker exec kind-worker ip link set eth1 up
+ifw2=$(echo $(docker exec kind-worker2 ip link | tail -2 | head -1) | cut -f1 -d"@" | cut -f2 -d" ")
+docker exec kind-worker2 ip link set $ifw2 down
+docker exec kind-worker2 ip link set $ifw2 name eth1
+docker exec kind-worker2 ip link set eth1 up
+```
+
+Create ns for deployments:
+
+```bash
+kubectl create ns nsm-system
+```
+
+Create NSE patch:
+
+```bash
+cat > patch-nse.yaml <<EOF
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+    name: nse-remote-vlan
+spec:
+  template:
+    spec:
+      containers:
+        - name: nse
+          env:
+          - name: NSM_CONNECT_TO
+            value: "registry:5002"
+          - name: NSM_SERVICES
+            value: "finance-bridge { vlan: 100; via: gw1}"
+          - name: NSM_CIDR_PREFIX
+            value: "172.10.0.0/24"
+          - name: NSM_IPV6_PREFIX
+            value: "100:200::/64"
+EOF
+```
+
+Apply NSM resources for basic tests:
+
+```bash
+kubectl apply -k .
+```
+
+Wait for NSE application:
+
+```bash
+kubectl -n nsm-system wait --for=condition=ready --timeout=2m pod -l app=nse-remote-vlan
+```
+
+Wait for admission-webhook-k8s:
+
+```bash
+WH=$(kubectl get pods -l app=admission-webhook-k8s -n nsm-system --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
+kubectl wait --for=condition=ready --timeout=1m pod ${WH} -n nsm-system
+```
 
 ## Cleanup
 
-1. To free resources follow the next command:
+To free resources follow the next command:
 
-    ```bash
-    WH=$(kubectl get pods -l app=admission-webhook-k8s -n nsm-system --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
-    kubectl delete mutatingwebhookconfiguration ${WH}
-    kubectl delete ns nsm-system
-    ```
+```bash
+WH=$(kubectl get pods -l app=admission-webhook-k8s -n nsm-system --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
+kubectl delete mutatingwebhookconfiguration ${WH}
+kubectl delete ns nsm-system
+```
 
-2. Delete secondary network and kind-worker node connections:
+Delete secondary network and kind-worker node connections:
 
-    ```bash
-    docker network disconnect bridge-2 kind-worker
-    docker network disconnect bridge-2 kind-worker2
-    docker network rm bridge-2
-    docker exec kind-worker ip link del eth1
-    docker exec kind-worker2 ip link del eth1
-    true
-    ```
+```bash
+docker network disconnect bridge-2 kind-worker
+docker network disconnect bridge-2 kind-worker2
+docker network rm bridge-2
+docker exec kind-worker ip link del eth1
+docker exec kind-worker2 ip link del eth1
+true
+```
diff --git a/examples/remotevlan/kustomization.yaml b/examples/remotevlan/kustomization.yaml
index b965838db970..e5223a0a4fed 100644
--- a/examples/remotevlan/kustomization.yaml
+++ b/examples/remotevlan/kustomization.yaml
@@ -5,7 +5,10 @@ kind: Kustomization
 namespace: nsm-system
 
 bases:
-- ../../apps/nsmgr
-- ../../apps/registry-k8s
-- ../../apps/nse-remote-vlan
-- ../../apps/admission-webhook-k8s
+  - ../../apps/nsmgr
+  - ../../apps/registry-k8s
+  - ../../apps/nse-remote-vlan
+  - ../../apps/admission-webhook-k8s
+
+patchesStrategicMerge:
+  - patch-nse.yaml
diff --git a/examples/remotevlan/rvlanovs/README.md b/examples/remotevlan/rvlanovs/README.md
new file mode 100644
index 000000000000..f726887e3fd4
--- /dev/null
+++ b/examples/remotevlan/rvlanovs/README.md
@@ -0,0 +1,35 @@
+# NSM Remote Vlan OVS Forwarder
+
+Contains setup for `forwarder-ovs` and device configuration file for remote vlan mechanism.
+
+## Requires
+
+Make sure that you have completed steps from [remotevlan](../../remotevlan) setup.
+
+## Includes
+
+- [Kernel2RVlanInternal](../../use-cases/Kernel2RVlanInternal)
+- [Kernel2RVlanBreakout](../../use-cases/Kernel2RVlanBreakout)
+- [Kernel2RVlanMultiNS](../../use-cases/Kernel2RVlanMultiNS)
+
+## Run
+
+Deploy the forwarder:
+
+```bash
+kubectl apply -k .
+```
+
+Wait forwarder to start:
+
+```bash
+kubectl -n nsm-system wait --for=condition=ready --timeout=2m pod -l app=forwarder-ovs
+```
+
+## Cleanup
+
+Delete the forwarder:
+
+```bash
+kubectl delete -k .
+```
diff --git a/examples/remotevlan/rvlanovs/kustomization.yaml b/examples/remotevlan/rvlanovs/kustomization.yaml
new file mode 100644
index 000000000000..e267daca12a4
--- /dev/null
+++ b/examples/remotevlan/rvlanovs/kustomization.yaml
@@ -0,0 +1,16 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: nsm-system
+
+bases:
+  - ../../../apps/forwarder-ovs
+
+configMapGenerator:
+  - name: device-selector
+    files:
+      - selector
+
+patchesStrategicMerge:
+  - patch-forwarder-ovs.yaml
diff --git a/examples/remotevlan/rvlanovs/patch-forwarder-ovs.yaml b/examples/remotevlan/rvlanovs/patch-forwarder-ovs.yaml
new file mode 100644
index 000000000000..c24b80bc0b74
--- /dev/null
+++ b/examples/remotevlan/rvlanovs/patch-forwarder-ovs.yaml
@@ -0,0 +1,24 @@
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: forwarder-ovs
+spec:
+  template:
+    spec:
+      containers:
+        - name: forwarder-ovs
+          env:
+            - name: NSM_L2_RESOURCE_SELECTOR_FILE
+              value: /var/lib/networkservicemesh/device-selector.yaml
+          volumeMounts:
+            - name: devsel-vol
+              mountPath: /var/lib/networkservicemesh/device-selector.yaml
+              subPath: device-selector.yaml
+      volumes:
+      - name: devsel-vol
+        configMap:
+          name: device-selector
+          items:
+          - key: selector
+            path: device-selector.yaml
diff --git a/examples/remotevlan/rvlanovs/selector b/examples/remotevlan/rvlanovs/selector
new file mode 100644
index 000000000000..87e416520882
--- /dev/null
+++ b/examples/remotevlan/rvlanovs/selector
@@ -0,0 +1,7 @@
+---
+interfaces:
+  - name: eth1
+    bridge: br0
+    matches:
+       - labelSelector:
+           - via: gw1
diff --git a/examples/remotevlan/rvlanvpp/README.md b/examples/remotevlan/rvlanvpp/README.md
index 54fae3d8f6df..098347186fea 100644
--- a/examples/remotevlan/rvlanvpp/README.md
+++ b/examples/remotevlan/rvlanvpp/README.md
@@ -8,7 +8,9 @@ Make sure that you have completed steps from [remotevlan](../../remotevlan) setu
 
 ## Includes
 
-- [Kernel2RVlan](../../use-cases/Kernel2RVlan)
+- [Kernel2RVlanInternal](../../use-cases/Kernel2RVlanInternal)
+- [Kernel2RVlanBreakout](../../use-cases/Kernel2RVlanBreakout)
+- [Kernel2RVlanMultiNS](../../use-cases/Kernel2RVlanMultiNS)
 
 ## Run
 
@@ -17,3 +19,17 @@ Deploy the forwarder:
 ```bash
 kubectl apply -k .
 ```
+
+Wait forwarder to start:
+
+```bash
+kubectl -n nsm-system wait --for=condition=ready --timeout=2m pod -l app=forwarder-vpp
+```
+
+## Cleanup
+
+Delete the forwarder:
+
+```bash
+kubectl delete -k .
+```
diff --git a/examples/remotevlan/rvlanvpp/device-selector.yaml b/examples/remotevlan/rvlanvpp/device-selector.yaml
deleted file mode 100644
index 3a31650c77f7..000000000000
--- a/examples/remotevlan/rvlanvpp/device-selector.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: device-selector
-  namespace: nsm-system
-data:
-  selector: "---\ninterfaces:\n  - name: eth1\n    matches:\n       - labelSelector:\n
-    \          - via: gw1\n     \n"
diff --git a/examples/remotevlan/rvlanvpp/kustomization.yaml b/examples/remotevlan/rvlanvpp/kustomization.yaml
index 3e161cc8d9e6..869d15cd2c0c 100644
--- a/examples/remotevlan/rvlanvpp/kustomization.yaml
+++ b/examples/remotevlan/rvlanvpp/kustomization.yaml
@@ -7,8 +7,9 @@ namespace: nsm-system
 bases:
 - ../../../apps/forwarder-vpp
 
-resources:
-  - device-selector.yaml
-
+configMapGenerator:
+  - name: device-selector
+    files:
+      - selector
 patchesStrategicMerge:
   - patch-forwarder-vpp.yaml
diff --git a/examples/remotevlan/rvlanvpp/selector b/examples/remotevlan/rvlanvpp/selector
new file mode 100644
index 000000000000..0d821322acaf
--- /dev/null
+++ b/examples/remotevlan/rvlanvpp/selector
@@ -0,0 +1,6 @@
+---
+interfaces:
+  - name: eth1
+    matches:
+       - labelSelector:
+           - via: gw1
diff --git a/examples/use-cases/Kernel2RVlan/.gitignore b/examples/use-cases/Kernel2RVlanBreakout/.gitignore
similarity index 100%
rename from examples/use-cases/Kernel2RVlan/.gitignore
rename to examples/use-cases/Kernel2RVlanBreakout/.gitignore
diff --git a/examples/use-cases/Kernel2RVlan/README.md b/examples/use-cases/Kernel2RVlanBreakout/README.md
similarity index 59%
rename from examples/use-cases/Kernel2RVlan/README.md
rename to examples/use-cases/Kernel2RVlanBreakout/README.md
index 68d99d4800e2..73e3f5cbec62 100644
--- a/examples/use-cases/Kernel2RVlan/README.md
+++ b/examples/use-cases/Kernel2RVlanBreakout/README.md
@@ -17,7 +17,7 @@ NAMESPACE=($(kubectl create -f https://raw.githubusercontent.com/networkservicem
 NAMESPACE=${NAMESPACE:10}
 ```
 
-Create first iperf server deployment:
+Create iperf server deployment:
 
 ```bash
 cat > first-iperf-s.yaml <<EOF
@@ -58,26 +58,10 @@ spec:
 EOF
 ```
 
-Create kustomization file:
+Deploy the application:
 
 ```bash
-cat > kustomization.yaml <<EOF
----
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-namespace: ${NAMESPACE}
-
-resources:
-- first-iperf-s.yaml
-
-EOF
-```
-
-Deploy the iperf-NSCs:
-
-```bash
-kubectl apply -k .
+kubectl apply -n ${NAMESPACE} -f ./first-iperf-s.yaml
 ```
 
 Wait for applications ready:
@@ -92,19 +76,6 @@ Get the iperf-NSC pods:
 NSCS=($(kubectl get pods -l app=iperf1-s -n ${NAMESPACE} --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}'))
 ```
 
-Start an iperf server in NSC:
-
-```bash
-IS_FIRST=$(kubectl exec ${NSCS[0]} -c iperf-server -n ${NAMESPACE} -- ip a s nsm-1 | grep 172.10.0.1)
-if [ -n "$IS_FIRST" ]; then
-  kubectl exec ${NSCS[0]} -c iperf-server -n ${NAMESPACE} -- iperf3 -sD -B 172.10.0.1 -1
-  kubectl exec ${NSCS[1]} -c iperf-server -n ${NAMESPACE} -- iperf3 -i0 t 5 -c 172.10.0.1 -B 172.10.0.2
-else
-  kubectl exec ${NSCS[1]} -c iperf-server -n ${NAMESPACE} -- iperf3 -sD -B 172.10.0.1 -1
-  kubectl exec ${NSCS[0]} -c iperf-server -n ${NAMESPACE} -- iperf3 -i0 t 5 -c 172.10.0.1 -B 172.10.0.2
-fi
-```
-
 Create a docker image for test external connections:
 
 ```bash
@@ -112,7 +83,7 @@ cat > Dockerfile <<EOF
 FROM networkstatic/iperf3
 
 RUN apt-get update \
-    && apt-get install -y ethtool tcpdump \
+    && apt-get install -y ethtool iproute2 \
     && rm -rf /var/lib/apt/lists/*
 
 ENTRYPOINT [ "tail", "-f", "/dev/null" ]
@@ -131,30 +102,87 @@ docker exec rvm-tester ip addr add 172.10.0.254/24 dev eth0.100
 docker exec rvm-tester ethtool -K eth0 tx off
 ```
 
-Start the client from tester container:
-
-```bash
-docker exec rvm-tester ping -c 1 172.10.0.1
-```
-
 Start iperf client on tester:
 
-```bash
-IS_FIRST=$(kubectl exec ${NSCS[0]} -c iperf-server -n ${NAMESPACE} -- ip a s nsm-1 | grep 172.10.0.1)
-if [ -n "$IS_FIRST" ]; then
-  kubectl exec ${NSCS[0]} -c iperf-server -n ${NAMESPACE} -- iperf3 -sD -B 172.10.0.1 -1
-else
-  kubectl exec ${NSCS[1]} -c iperf-server -n ${NAMESPACE} -- iperf3 -sD -B 172.10.0.1 -1
-fi
-docker exec rvm-tester iperf3 -i0 t 5 -c 172.10.0.1
-```
+1. TCP
+
+    ```bash
+    status=0
+    for nsc in "${NSCS[@]}"
+    do
+      IP_ADDRESS=$(kubectl exec ${nsc} -c cmd-nsc -n ${NAMESPACE} -- ip -4 addr show nsm-1 | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
+      kubectl exec ${nsc} -c iperf-server -n ${NAMESPACE} -- iperf3 -sD -B ${IP_ADDRESS} -1
+      docker exec rvm-tester iperf3 -i0 -t 125 -c ${IP_ADDRESS}
+      if test $? -ne 0
+      then
+        status=1
+      fi
+    done
+    if test ${status} -eq 1
+    then
+      false
+    fi
+    ```
+
+2. UDP
+
+    ```bash
+    status=0
+    for nsc in "${NSCS[@]}"
+    do
+      IP_ADDRESS=$(kubectl exec ${nsc} -c cmd-nsc -n ${NAMESPACE} -- ip -4 addr show nsm-1 | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
+      kubectl exec ${nsc} -c iperf-server -n ${NAMESPACE} -- iperf3 -sD -B ${IP_ADDRESS} -1
+      docker exec rvm-tester iperf3 -i0 -t 5 -u -c ${IP_ADDRESS}
+      if test $? -ne 0
+      then
+        status=1
+      fi
+    done
+    if test ${status} -eq 1
+    then
+      false
+    fi
+    ```
 
 Start iperf server on tester:
 
-```bash
-docker exec rvm-tester iperf3 -sD -B 172.10.0.254 -1
-kubectl exec ${NSCS[0]} -c iperf-server -n ${NAMESPACE} -- iperf3 -i0 t 5 -c 172.10.0.254
-```
+1. TCP
+
+    ```bash
+    status=0
+    for nsc in "${NSCS[@]}"
+    do
+      docker exec rvm-tester iperf3 -sD -B 172.10.0.254 -1
+      kubectl exec ${nsc} -c iperf-server -n ${NAMESPACE} -- iperf3 -i0 -t 5 -c 172.10.0.254
+      if test $? -ne 0
+      then
+        status=1
+      fi
+    done
+    if test ${status} -eq 1
+    then
+      false
+    fi
+    ```
+
+2. UDP
+
+    ```bash
+    status=0
+    for nsc in "${NSCS[@]}"
+    do
+      docker exec rvm-tester iperf3 -sD -B 172.10.0.254 -1
+      kubectl exec ${NSCS[1]} -c iperf-server -n ${NAMESPACE} -- iperf3 -i0 -t 5 -u -c 172.10.0.254
+      if test $? -ne 0
+      then
+        status=1
+      fi
+    done
+    if test ${status} -eq 1
+    then
+      false
+    fi
+    ```
 
 ## Cleanup
 
diff --git a/examples/use-cases/Kernel2RVlanInternal/.gitignore b/examples/use-cases/Kernel2RVlanInternal/.gitignore
new file mode 100644
index 000000000000..0c85c9bf18f5
--- /dev/null
+++ b/examples/use-cases/Kernel2RVlanInternal/.gitignore
@@ -0,0 +1,2 @@
+first-iperf-s.yaml
+Dockerfile
diff --git a/examples/use-cases/Kernel2RVlanInternal/README.md b/examples/use-cases/Kernel2RVlanInternal/README.md
new file mode 100644
index 000000000000..e404b8314395
--- /dev/null
+++ b/examples/use-cases/Kernel2RVlanInternal/README.md
@@ -0,0 +1,135 @@
+# Test kernel to remote vlan connection
+
+This example shows that NSCs can connect to each other by VLAN interface.
+NSCs are using the `kernel` mechanism to connect to local forwarder.
+Forwarders are using the `vlan` remote mechanism to set up the VLAN interface.
+
+## Requires
+
+Make sure that you have completed steps from [remotevlan](../../remotevlan) setup.
+
+## Run
+
+Create test namespace:
+
+```bash
+NAMESPACE=($(kubectl create -f https://raw.githubusercontent.com/networkservicemesh/deployments-k8s/1b4ebff2fd10a1a9316a437183d1e0807494ee81/examples/use-cases/namespace.yaml)[0])
+NAMESPACE=${NAMESPACE:10}
+```
+
+Create iperf server deployment:
+
+```bash
+cat > first-iperf-s.yaml <<EOF
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: iperf1-s
+  labels:
+    app: iperf1-s
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: iperf1-s
+  template:
+    metadata:
+      labels:
+        app: iperf1-s
+      annotations:
+        networkservicemesh.io: kernel://finance-bridge/nsm-1
+    spec:
+      affinity:
+        podAntiAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+          - labelSelector:
+              matchExpressions:
+              - key: app
+                operator: In
+                values:
+                - iperf1-s
+            topologyKey: "kubernetes.io/hostname"
+      containers:
+      - name: iperf-server
+        image: networkstatic/iperf3:latest
+        imagePullPolicy: IfNotPresent
+        command: ["tail", "-f", "/dev/null"]
+EOF
+```
+
+Create kustomization file:
+
+```bash
+cat > kustomization.yaml <<EOF
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: ${NAMESPACE}
+
+resources:
+- first-iperf-s.yaml
+
+EOF
+```
+
+Deploy the application:
+
+```bash
+kubectl apply -k .
+```
+
+Wait for applications ready:
+
+```bash
+kubectl -n ${NAMESPACE} wait --for=condition=ready --timeout=1m pod -l app=iperf1-s
+```
+
+Get the iperf-NSC pods:
+
+```bash
+NSCS=($(kubectl get pods -l app=iperf1-s -n ${NAMESPACE} --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}'))
+```
+
+Start an iperf server in one NSC and client in another:
+
+1. TCP with IPv4
+
+    ```bash
+    IP_ADDR=$(kubectl exec ${NSCS[0]} -c cmd-nsc -n ${NAMESPACE} -- ip -4 addr show nsm-1 | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
+    kubectl exec ${NSCS[0]} -c iperf-server -n ${NAMESPACE} -- iperf3 -sD -B ${IP_ADDR} -1
+    kubectl exec ${NSCS[1]} -c iperf-server -n ${NAMESPACE} -- iperf3 -i0 -t 5 -c ${IP_ADDR}
+    ```
+
+2. UDP with IPv4:
+
+    ```bash
+    IP_ADDR=$(kubectl exec ${NSCS[1]} -c cmd-nsc -n ${NAMESPACE} -- ip -4 addr show nsm-1 | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
+    kubectl exec ${NSCS[1]} -c iperf-server -n ${NAMESPACE} -- iperf3 -sD -B ${IP_ADDR} -1
+    kubectl exec ${NSCS[0]} -c iperf-server -n ${NAMESPACE} -- iperf3 -i0 -t 5 -u -c ${IP_ADDR}
+    ```
+
+3. TCP with IPv6:
+
+    ```bash
+    IP_ADDR=$(kubectl exec ${NSCS[0]} -c cmd-nsc -n ${NAMESPACE} -- ip -6 a s nsm-1 scope global | grep -oP '(?<=inet6\s)([0-9a-f:]+:+)+[0-9a-f]+')
+    kubectl exec ${NSCS[0]} -c iperf-server -n ${NAMESPACE} -- iperf3 -sD -B ${IP_ADDR} -1
+    kubectl exec ${NSCS[1]} -c iperf-server -n ${NAMESPACE} -- iperf3 -i0 -t 5 -6 -c ${IP_ADDR}
+    ```
+
+4. UDP with IPv6:
+
+    ```bash
+    IP_ADDR=$(kubectl exec ${NSCS[1]} -c cmd-nsc -n ${NAMESPACE} -- ip -6 a s nsm-1 scope global | grep -oP '(?<=inet6\s)([0-9a-f:]+:+)+[0-9a-f]+')
+    kubectl exec ${NSCS[1]} -c iperf-server -n ${NAMESPACE} -- iperf3 -sD -B ${IP_ADDR} -1
+    kubectl exec ${NSCS[0]} -c iperf-server -n ${NAMESPACE} -- iperf3 -i0 -t 5 -6 -u -c ${IP_ADDR}
+    ```
+
+## Cleanup
+
+Delete the test namespace:
+
+```bash
+kubectl delete ns ${NAMESPACE}
+```
diff --git a/examples/use-cases/Kernel2RVlanMultiNS/.gitignore b/examples/use-cases/Kernel2RVlanMultiNS/.gitignore
new file mode 100644
index 000000000000..a7502eb97ad7
--- /dev/null
+++ b/examples/use-cases/Kernel2RVlanMultiNS/.gitignore
@@ -0,0 +1,9 @@
+ns-1/first-client.yaml
+ns-1/patch-nse.yaml
+ns-1/kustomization.yaml
+ns-2/second-client.yaml
+ns-2/third-client.yaml
+ns-2/patch-nse.yaml
+ns-2/kustomization.yaml
+client.yaml
+Dockerfile
diff --git a/examples/use-cases/Kernel2RVlanMultiNS/README.md b/examples/use-cases/Kernel2RVlanMultiNS/README.md
new file mode 100644
index 000000000000..0744d59f6c9e
--- /dev/null
+++ b/examples/use-cases/Kernel2RVlanMultiNS/README.md
@@ -0,0 +1,540 @@
+# Test kernel to remote vlan connection
+
+This example shows that NSCs can connect to a cluster external entity by a VLAN interface. The clients in this topology are running in different k8s namespaces and connecting to dfferent services provided by three endpoint.
+NSCs are using the `kernel` mechanism to connect to local forwarder.
+Forwarders are using the `vlan` remote mechanism to set up the VLAN interface.
+
+## Requires
+
+Make sure that you have completed steps from [remotevlan](../../remotevlan) setup.
+
+## Run
+
+Create test namespace:
+
+```bash
+NAMESPACE=($(kubectl create -f https://raw.githubusercontent.com/networkservicemesh/deployments-k8s/1b4ebff2fd10a1a9316a437183d1e0807494ee81/examples/use-cases/namespace.yaml)[0])
+FIRST_NAMESPACE=${NAMESPACE:10}
+NAMESPACE=($(kubectl create -f https://raw.githubusercontent.com/networkservicemesh/deployments-k8s/1b4ebff2fd10a1a9316a437183d1e0807494ee81/examples/use-cases/namespace.yaml)[0])
+SECOND_NAMESPACE=${NAMESPACE:10}
+```
+
+Create example directories to separate deployments:
+
+```bash
+mkdir -p ns-1 ns-2
+```
+
+Create first client:
+
+```bash
+cat > ns-1/first-client.yaml <<EOF
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: alpine-1
+  labels:
+    app: alpine-1
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: alpine-1
+  template:
+    metadata:
+      labels:
+        app: alpine-1
+      annotations:
+        networkservicemesh.io: kernel://private-bridge.${FIRST_NAMESPACE}/nsm-1
+    spec:
+      affinity:
+        podAntiAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+          - labelSelector:
+              matchExpressions:
+              - key: app
+                operator: In
+                values:
+                - alpine-1
+            topologyKey: "kubernetes.io/hostname"
+      containers:
+      - name: alpine
+        image: alpine:3.15.0
+        imagePullPolicy: IfNotPresent
+        stdin: true
+        tty: true
+EOF
+```
+
+Create NSE patch:
+
+```bash
+cat > ns-1/patch-nse.yaml <<EOF
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nse-remote-vlan
+spec:
+  template:
+    spec:
+      containers:
+      - name: nse
+        env:
+          - name: NSM_CONNECT_TO
+            value: "registry.nsm-system:5002"
+          - name: NSM_SERVICES
+            value: "private-bridge.${FIRST_NAMESPACE} { vlan: 200; via: gw1 }"
+          - name: NSM_CIDR_PREFIX
+            value: "172.10.1.0/24"
+          - name: NSM_IPV6_PREFIX
+            value: "100:201::/64"
+EOF
+```
+
+Create customization file:
+
+```bash
+cat > ns-1/kustomization.yaml <<EOF
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: ${FIRST_NAMESPACE}
+
+resources:
+- first-client.yaml
+
+bases:
+- ../../../../apps/nse-remote-vlan
+
+patchesStrategicMerge:
+- patch-nse.yaml
+EOF
+```
+
+Deployment in first namespace
+
+```bash
+ kubectl apply -k ./ns-1
+```
+
+Create second and third client:
+
+```bash
+cat > ns-2/second-client.yaml <<EOF
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: alpine-2
+  labels:
+    app: alpine-2
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: alpine-2
+  template:
+    metadata:
+      labels:
+        app: alpine-2
+      annotations:
+        networkservicemesh.io: kernel://blue-bridge.${SECOND_NAMESPACE}/nsm-1
+    spec:
+      affinity:
+        podAntiAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+          - labelSelector:
+              matchExpressions:
+              - key: app
+                operator: In
+                values:
+                - alpine-2
+            topologyKey: "kubernetes.io/hostname"
+      containers:
+      - name: alpine
+        image: alpine:3.15.0
+        imagePullPolicy: IfNotPresent
+        stdin: true
+        tty: true
+EOF
+cat > ns-2/third-client.yaml <<EOF
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: alpine-3
+  labels:
+    app: alpine-3
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: alpine-3
+  template:
+    metadata:
+      labels:
+        app: alpine-3
+      annotations:
+        networkservicemesh.io: kernel://green-bridge.${SECOND_NAMESPACE}/nsm-1
+    spec:
+      affinity:
+        podAntiAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+          - labelSelector:
+              matchExpressions:
+              - key: app
+                operator: In
+                values:
+                - alpine-3
+            topologyKey: "kubernetes.io/hostname"
+      containers:
+      - name: alpine
+        image: alpine:3.15.0
+        imagePullPolicy: IfNotPresent
+        stdin: true
+        tty: true
+EOF
+```
+
+Create NSE patch:
+
+```bash
+cat > ns-2/patch-nse.yaml <<EOF
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nse-remote-vlan
+spec:
+  template:
+    spec:
+      containers:
+      - name: nse
+        env:
+          - name: NSM_CONNECT_TO
+            value: "registry.nsm-system:5002"
+          - name: NSM_SERVICES
+            value: "blue-bridge.${SECOND_NAMESPACE} { vlan: 300; via: gw1 }, green-bridge.${SECOND_NAMESPACE} { vlan: 400; via: gw1 }"
+          - name: NSM_CIDR_PREFIX
+            value: "172.10.2.0/24"
+          - name: NSM_IPV6_PREFIX
+            value: "100:202::/64"
+EOF
+```
+
+Create customization file:
+
+```bash
+cat > ns-2/kustomization.yaml <<EOF
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: ${SECOND_NAMESPACE}
+
+resources:
+- second-client.yaml
+- third-client.yaml
+
+bases:
+- ../../../../apps/nse-remote-vlan
+
+nameSuffix: -bg
+
+patchesStrategicMerge:
+- patch-nse.yaml
+EOF
+```
+
+Deployment in second namespace:
+
+```bash
+ kubectl apply -k ./ns-2
+```
+
+Create the last client:
+
+```bash
+cat > client.yaml <<EOF
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: alpine-4
+  labels:
+    app: alpine-4
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: alpine-4
+  template:
+    metadata:
+      labels:
+        app: alpine-4
+      annotations:
+        networkservicemesh.io: kernel://finance-bridge/nsm-1
+    spec:
+      affinity:
+        podAntiAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+          - labelSelector:
+              matchExpressions:
+              - key: app
+                operator: In
+                values:
+                - alpine-4
+            topologyKey: "kubernetes.io/hostname"
+      containers:
+      - name: alpine
+        image: alpine:3.15.0
+        imagePullPolicy: IfNotPresent
+        stdin: true
+        tty: true
+EOF
+```
+
+Deploy the last client
+
+```bash
+ kubectl apply -n nsm-system -f client.yaml
+```
+
+Wait for applications ready:
+
+```bash
+kubectl -n ${FIRST_NAMESPACE} wait --for=condition=ready --timeout=1m pod -l app=nse-remote-vlan
+```
+
+```bash
+kubectl -n ${FIRST_NAMESPACE} wait --for=condition=ready --timeout=1m pod -l app=alpine-1
+```
+
+```bash
+kubectl -n ${SECOND_NAMESPACE} wait --for=condition=ready --timeout=1m pod -l app=nse-remote-vlan
+```
+
+```bash
+kubectl -n ${SECOND_NAMESPACE} wait --for=condition=ready --timeout=1m pod -l app=alpine-2
+```
+
+```bash
+kubectl -n ${SECOND_NAMESPACE} wait --for=condition=ready --timeout=1m pod -l app=alpine-3
+```
+
+```bash
+kubectl -n nsm-system wait --for=condition=ready --timeout=1m pod -l app=alpine-4
+```
+
+Create a docker image for test external connections:
+
+```bash
+cat > Dockerfile <<EOF
+FROM alpine:3.15.0
+
+RUN apk add ethtool
+
+ENTRYPOINT [ "tail", "-f", "/dev/null" ]
+EOF
+docker build . -t rvm-tester
+```
+
+Setup a docker container for traffic test:
+
+```bash
+docker run --cap-add=NET_ADMIN --rm -d --network bridge-2 --name rvm-tester rvm-tester tail -f /dev/null
+docker exec rvm-tester ip link set eth0 down
+docker exec rvm-tester ip link add link eth0 name eth0.100 type vlan id 100
+docker exec rvm-tester ip link add link eth0 name eth0.200 type vlan id 200
+docker exec rvm-tester ip link add link eth0 name eth0.300 type vlan id 300
+docker exec rvm-tester ip link add link eth0 name eth0.400 type vlan id 400
+docker exec rvm-tester ip link set eth0 up
+docker exec rvm-tester ip addr add 172.10.0.254/24 dev eth0.100
+docker exec rvm-tester ip addr add 172.10.1.254/24 dev eth0.200
+docker exec rvm-tester ip addr add 172.10.2.254/24 dev eth0.300
+docker exec rvm-tester ip addr add 172.10.2.253/24 dev eth0.400
+docker exec rvm-tester ethtool -K eth0 tx off
+```
+
+Get the NSC pods from first k8s namespace:
+
+```bash
+NSCS=($(kubectl get pods -l app=alpine-1 -n ${FIRST_NAMESPACE} --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}'))
+```
+
+Get the IP addresses for NSCs from first k8s namespace:
+
+```bash
+declare -A IP_ADDR
+for nsc in "${NSCS[@]}"
+do
+  IP_ADDR[$nsc]=$(kubectl exec ${nsc} -n ${FIRST_NAMESPACE} -c alpine -- ip -4 addr show nsm-1 | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
+done
+```
+
+Check first vlan from tester container:
+
+```bash
+status=0
+for nsc in "${NSCS[@]}"
+do
+  for vlan_if_name in eth0.100 eth0.300 eth0.400
+  do
+    docker exec rvm-tester ping -w 1 -c 1 ${IP_ADDR[$nsc]} -I ${vlan_if_name}
+    if test $? -eq 0
+      then
+        status=2
+    fi
+  done
+  docker exec rvm-tester ping -c 1 ${IP_ADDR[$nsc]} -I eth0.200
+  if test $? -ne 0
+    then
+      status=1
+  fi
+done
+if test ${status} -eq 1
+  then
+    false
+fi
+```
+
+Get the NSC pods from second k8s namespace:
+
+```bash
+NSCS_BLUE=($(kubectl get pods -l app=alpine-2 -n ${SECOND_NAMESPACE} --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}'))
+NSCS_GREEN=($(kubectl get pods -l app=alpine-3 -n ${SECOND_NAMESPACE} --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}'))
+```
+
+Get the IP addresses for NSCs from second k8s namespace:
+
+```bash
+declare -A IP_ADDR_BLUE
+for nsc in "${NSCS_BLUE[@]}"
+do
+  IP_ADDR_BLUE[$nsc]=$(kubectl exec ${nsc} -n ${SECOND_NAMESPACE} -c alpine -- ip -4 addr show nsm-1 | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
+done
+declare -A IP_ADDR_GREEN
+for nsc in "${NSCS_GREEN[@]}"
+do
+  IP_ADDR_GREEN[$nsc]=$(kubectl exec ${nsc} -n ${SECOND_NAMESPACE} -c alpine -- ip -4 addr show nsm-1 | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
+done
+```
+
+Check vlan (300 and 400) from tester container:
+
+```bash
+status=0
+for nsc in "${NSCS_BLUE[@]}"
+do
+  for vlan_if_name in eth0.100 eth0.200 eth0.400
+  do
+    docker exec rvm-tester ping -w 1 -c 1 ${IP_ADDR_BLUE[$nsc]} -I ${vlan_if_name}
+    if test $? -eq 0
+      then
+        status=2
+    fi
+  done
+  docker exec rvm-tester ping -c 1 ${IP_ADDR_BLUE[$nsc]} -I eth0.300
+  if test $? -ne 0
+    then
+      status=1
+  fi
+done
+for nsc in "${NSCS_GREEN[@]}"
+do
+  for vlan_if_name in eth0.100 eth0.200 eth0.300
+  do
+    docker exec rvm-tester ping -w 1 -c 1 ${IP_ADDR_GREEN[$nsc]} -I ${vlan_if_name}
+    if test $? -eq 0
+      then
+        status=2
+    fi
+  done
+  docker exec rvm-tester ping -c 1 ${IP_ADDR_GREEN[$nsc]} -I eth0.400
+  if test $? -ne 0
+    then
+      status=1
+  fi
+done
+if test ${status} -eq 1
+  then
+    false
+fi
+```
+
+Get the NSC pods from nsm-system k8s namespace:
+
+```bash
+NSCS=($(kubectl get pods -l app=alpine-4 -n nsm-system --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}'))
+```
+
+Get the IP addresses for NSCs from first k8s namespace:
+
+```bash
+declare -A IP_ADDR
+for nsc in "${NSCS[@]}"
+do
+  IP_ADDR[$nsc]=$(kubectl exec ${nsc} -n nsm-system -c alpine -- ip -4 addr show nsm-1 | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
+done
+```
+
+Check first vlan from tester container:
+
+```bash
+status=0
+for nsc in "${NSCS[@]}"
+do
+  for vlan_if_name in eth0.200 eth0.300 eth0.400
+  do
+    docker exec rvm-tester ping -w 1 -c 1 ${IP_ADDR[$nsc]} -I ${vlan_if_name}
+    if test $? -eq 0
+      then
+        status=2
+    fi
+  done
+  docker exec rvm-tester ping -c 1 ${IP_ADDR[$nsc]} -I eth0.100
+  if test $? -ne 0
+    then
+      status=1
+  fi
+done
+if test ${status} -eq 1
+  then
+    false
+fi
+```
+
+## Cleanup
+
+Delete the tester container and image:
+
+```bash
+docker stop rvm-tester && \
+docker image rm rvm-tester:latest
+true
+```
+
+Delete the last client:
+
+```bash
+kubectl delete --namespace=nsm-system -f client.yaml
+```
+
+Delete the test namespace:
+
+```bash
+kubectl delete ns ${FIRST_NAMESPACE}
+```
+
+```bash
+kubectl delete ns ${SECOND_NAMESPACE}
+```
+
+Delete the directories:
+
+```bash
+rm -rf ns-1 ns-2
+```
diff --git a/external-images.yaml b/external-images.yaml
index 1c1a98f42cf7..e78bad78d12b 100644
--- a/external-images.yaml
+++ b/external-images.yaml
@@ -16,3 +16,4 @@ images:
   - jaegertracing/all-in-one:latest
   - otel/opentelemetry-collector:latest
   - prom/prometheus:latest
+  - networkstatic/iperf3:latest