diff --git a/aws/documentation/transit-gateway/lab-dmz.md b/aws/documentation/transit-gateway/lab-dmz.md index d45c41f9..8d8f2bd6 100644 --- a/aws/documentation/transit-gateway/lab-dmz.md +++ b/aws/documentation/transit-gateway/lab-dmz.md @@ -133,7 +133,8 @@ which we will need another /16. Ideally, it would be aggregatable to the "DMZ" 1. 2.0/23 dmz-tgw-test 1. 8.0/22 dmz-tgw-endpoints 1. 12.0/22 (free) - 1. 16.0/21 (free) + 1. 16.0/21 dmz-tgw-inspection + 1. 24.0/21 (free) 1. Shared VPCs are in us-gov-east-1 10.132.0.0/15 and us-gov-west-1 10.134.0.0/15 1. 0.0/20 dmz-services 1. 16.0/20 dmz-common @@ -162,14 +163,16 @@ which we will need another /16. Ideally, it would be aggregatable to the "DMZ" ## TGW Route Tables -Just as in the AWS internal configuration, we will have a TGW route table for each environment, and another one for the the VPN per environment: +Just as in the AWS internal configuration, we will have a TGW route table for each environment, and another one for the the VPN per environment. We will also have +a TGW route table for the inspection VPC and another one for cross-boundary (internal to dmz) routes. 1. dmz-tgw-common 1. dmz-tgw-test +1. dmz-tgw-inspection 1. vpn-dmz-tgw-common 1. vpn-dmz-tgw-test -VPN connectivity will be established to each of these. +VPN connectivity will be established to each of the vpn route tables. We will allocate new [tunnel collection numbers](tunnel-numbers.md#values-tunnel-collection) and new [environments](tunnel-numbers.md#values-environment) for the DMZ. These will be used for the new tunnel numbers. @@ -199,3 +202,6 @@ testing of this setup may involve using TGW peering among all 4 TGWs and specifi * 1.0.0 -- 2025-01-30 - copy from dmz.md + +* 1.0.1 -- 2025-02-10 + - update to add inspection stuff
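Review bot: In the CIDR list hunk (@@ -133,7 +133,8 @@), the new `24.0/21 (free)` line is not a remainder of the block being assigned. The old `16.0/21 (free)` entry is taken whole by `dmz-tgw-inspection`, so 24.0/21 is address space this list did not mention before. Please confirm that 24.0/21 is actually unallocated before documenting it as free, and make clear that the list was extended rather than split.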
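Review bot: In the TGW Route Tables hunk (@@ -162,14 +163,16 @@), the added sentence announces two new route tables, one for the inspection VPC and one for cross-boundary (internal to dmz) routes, but the list gains only `dmz-tgw-inspection`. Either add the cross-boundary table to the list under its name or drop it from the sentence; as written, a reader cannot tell which table carries the internal-to-DMZ routes. The rewritten first sentence also carries over the doubled word in "the the VPN", and the new text is hard-wrapped mid-sentence after "We will also have", unlike the surrounding paragraph.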
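Review bot: In the changelog hunk (@@ -199,3 +202,6 @@), the 1.0.1 entry "update to add inspection stuff" does not say what changed. Suggest naming the additions, for example the `dmz-tgw-inspection` 16.0/21 allocation and the `dmz-tgw-inspection` TGW route table, so the entry stays useful when later address or routing changes are reviewed against it.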