diff --git a/.golangci.yml b/.golangci.yml
index 014a71d..e21cd03 100644
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -30,7 +30,7 @@ linters-settings:
 goimports:
 local-prefixes: github.com/networkservicemesh
 gocyclo:
- min-complexity: 20
+ min-complexity: 25
 maligned:
 suggest-new: true
 dupl:
diff --git a/Dockerfile b/Dockerfile
index 75117c8..39c35e9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-ARG VPP_VERSION=v22.06-rc0-147-g1c5485ab8
+ARG VPP_VERSION=v23.02-rc0-189-g0359d19f2
 FROM ghcr.io/edwarnicke/govpp/vpp:${VPP_VERSION} as go
 COPY --from=golang:1.18.2-buster /usr/local/go/ /go
 ENV PATH ${PATH}:/go/bin
diff --git a/vppinit/acl.go b/vppinit/acl.go
index b074b41..4dd442b 100644
--- a/vppinit/acl.go
+++ b/vppinit/acl.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2022 Cisco and/or its affiliates.
+// Copyright (c) 2022-2023 Cisco and/or its affiliates.
 //
 // SPDX-License-Identifier: Apache-2.0
 //
@@ -97,6 +97,7 @@ func ingressACLAddDelete() *acl.ACLAddReplace {
 // Allow ingress ICMPv6 Router Advertisement Message
 IsPermit: acl_types.ACL_ACTION_API_PERMIT,
 SrcPrefix: ipv6zeroPrefix,
+ DstPrefix: ipv6zeroPrefix,
 Proto: ip_types.IP_API_PROTO_ICMP6,
 DstportOrIcmpcodeFirst: 134,
 DstportOrIcmpcodeLast: 134,
@@ -105,6 +106,7 @@ func ingressACLAddDelete() *acl.ACLAddReplace {
 // Allow ingress ICMPv6 Neighbor Advertisement Message
 IsPermit: acl_types.ACL_ACTION_API_PERMIT,
 SrcPrefix: ipv6zeroPrefix,
+ DstPrefix: ipv6zeroPrefix,
 Proto: ip_types.IP_API_PROTO_ICMP6,
 DstportOrIcmpcodeFirst: 136,
 DstportOrIcmpcodeLast: 136,
@@ -112,10 +114,12 @@ func ingressACLAddDelete() *acl.ACLAddReplace {
 {
 IsPermit: acl_types.ACL_ACTION_API_DENY,
 SrcPrefix: ipV4zeroPrefix,
+ DstPrefix: ipV4zeroPrefix,
 },
 {
 IsPermit: acl_types.ACL_ACTION_API_DENY,
 SrcPrefix: ipv6zeroPrefix,
+ DstPrefix: ipv6zeroPrefix,
 },
 },
 }
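Review bot: In the two ingress ICMPv6 permit rules (the `-97` and `-105` hunks of vppinit/acl.go) the message numbers 134 and 136 sit in `DstportOrIcmpcodeFirst/Last`, which by its name carries the ICMP code, whereas the egress rules of the same file put 133 and 135 in `SrcportOrIcmptypeFirst/Last`. Router and Neighbor Advertisement are ICMPv6 types 134 and 136 with code 0, so these permits appear never to match and the traffic would fall through to the deny rules; this is worth confirming against the VPP ACL API and, if so, changing to `SrcportOrIcmptypeFirst: 134, SrcportOrIcmptypeLast: 134,` (and 136 for the second rule). Separately, the newly added zero prefixes carry no explanation; if the reason is that both prefixes of a rule must share one address family, a comment such as `// Src and Dst are both set so the rule has a single address family` would record it, and the same applies to the egress hunks. Both function bodies extend outside these hunks.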
@@ -130,6 +134,7 @@ func egressACLAddDelete() *acl.ACLAddReplace {
 // Allow egress ICMPv6 Router Solicitation Message
 IsPermit: acl_types.ACL_ACTION_API_PERMIT,
 Proto: ip_types.IP_API_PROTO_ICMP6,
+ SrcPrefix: ipv6zeroPrefix,
 DstPrefix: ipv6zeroPrefix,
 SrcportOrIcmptypeFirst: 133,
 SrcportOrIcmptypeLast: 133,
@@ -139,15 +144,18 @@ func egressACLAddDelete() *acl.ACLAddReplace {
 IsPermit: acl_types.ACL_ACTION_API_PERMIT,
 Proto: ip_types.IP_API_PROTO_ICMP6,
 SrcPrefix: ipv6zeroPrefix,
+ DstPrefix: ipv6zeroPrefix,
 SrcportOrIcmptypeFirst: 135,
 SrcportOrIcmptypeLast: 135,
 },
 {
 IsPermit: acl_types.ACL_ACTION_API_DENY,
+ SrcPrefix: ipV4zeroPrefix,
 DstPrefix: ipV4zeroPrefix,
 },
 {
 IsPermit: acl_types.ACL_ACTION_API_DENY,
+ SrcPrefix: ipv6zeroPrefix,
 DstPrefix: ipv6zeroPrefix,
 },
 },
diff --git a/vppinit/vppinit.go b/vppinit/vppinit.go
index f950a94..7b1170f 100644
--- a/vppinit/vppinit.go
+++ b/vppinit/vppinit.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2020-2022 Cisco and/or its affiliates.
+// Copyright (c) 2020-2023 Cisco and/or its affiliates.
 //
 // SPDX-License-Identifier: Apache-2.0
 //
@@ -65,6 +65,10 @@ func LinkToAfPacket(ctx context.Context, vppConn api.Connection, tunnelIP net.IP
 return nil, err
 }
+ if mtuErr := setMtu(ctx, vppConn, link, swIfIndex); err != nil {
+ return nil, mtuErr
+ }
+
 if aclErr := denyAllACLToInterface(ctx, vppConn, swIfIndex); aclErr != nil {
 return nil, aclErr
 }
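Review bot: The added guard in LinkToAfPacket tests `err` instead of `mtuErr`, so an error returned by setMtu is discarded. `err` has just passed the `return nil, err` branch above and is presumably nil at this point (its assignment lies outside the hunk), which means the new branch can never be taken. The line should read `if mtuErr := setMtu(ctx, vppConn, link, swIfIndex); mtuErr != nil {`. As written the function carries on to the ACL step with an interface whose MTU may not have been applied, and nothing reports the failure. LinkToAfPacket's body starts and ends outside this hunk.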
@@ -166,27 +170,26 @@ func LinkToAfPacket(ctx context.Context, vppConn api.Connection, tunnelIP net.IP
 }
 func createAfPacket(ctx context.Context, vppConn api.Connection, link netlink.Link) (interface_types.InterfaceIndex, error) {
- afPacketCreate := &af_packet.AfPacketCreate{
+ afPacketCreate := &af_packet.AfPacketCreateV3{
+ Mode: af_packet.AF_PACKET_API_MODE_ETHERNET,
 HwAddr: types.ToVppMacAddress(&link.Attrs().HardwareAddr),
 HostIfName: link.Attrs().Name,
+ Flags: af_packet.AF_PACKET_API_FLAG_VERSION_2,
 }
 now := time.Now()
- afPacketCreateRsp, err := af_packet.NewServiceClient(vppConn).AfPacketCreate(ctx, afPacketCreate)
+ afPacketCreateRsp, err := af_packet.NewServiceClient(vppConn).AfPacketCreateV3(ctx, afPacketCreate)
 if err != nil {
- println("1")
 return 0, err
 }
 log.FromContext(ctx).
 WithField("swIfIndex", afPacketCreateRsp.SwIfIndex).
+ WithField("mode", afPacketCreate.Mode).
 WithField("hwaddr", afPacketCreate.HwAddr).
 WithField("hostIfName", afPacketCreate.HostIfName).
+ WithField("flags", afPacketCreate.Flags).
 WithField("duration", time.Since(now)).
- WithField("vppapi", "AfPacketCreate").Debug("completed")
+ WithField("vppapi", "AfPacketCreateV3").Debug("completed")
- if err := setMtu(ctx, vppConn, link, afPacketCreateRsp.SwIfIndex); err != nil {
- println("2")
- return 0, err
- }
 return afPacketCreateRsp.SwIfIndex, nil
 }
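Review bot: createAfPacket has no doc comment, and with the setMtu call removed from its body the function no longer applies the link's MTU, a contract change that callers cannot see from the signature. A comment such as `// createAfPacket creates an af_packet interface for link (ethernet mode, AF_PACKET v2) and returns its index; the caller sets the MTU.` would record that. The hard-coded `Mode` and `Flags` values would also be easier to review with a short note on why they were chosen for the new VPP version.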