diff --git a/.gitignore b/.gitignore
index 796ab4953..8fab5d65c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -56,6 +56,7 @@ utils/reports/
 utils/logs/
 utils/collect_iio_occ
 plots/
+multi_vms/generated/
 *.log
 *.out
 
diff --git a/multi_vms/run_vms.sh b/multi_vms/run_vms.sh
new file mode 100755
index 000000000..b60c0bc68
--- /dev/null
+++ b/multi_vms/run_vms.sh
@@ -0,0 +1,638 @@
+#!/bin/bash
+set -euo pipefail
+
+# ============================================================
+# Configuration
+# ============================================================
+
+# GUEST_CMD_LINE_NESTED="root=/dev/vda2 ro console=ttyS0,115200 earlyprintk=serial,ttyS0,115200 intel_iommu=on,sm_on iommu.strict=1 intel_iommu_pinned=on intel_iommu_dfp=on"
+GUEST_CMD_LINE_NESTED="root=/dev/vda2 ro console=ttyS0,115200 earlyprintk=serial,ttyS0,115200 intel_iommu=on,sm_on iommu.strict=1"
+GUEST_CMD_LINE_OFF="root=/dev/vda2 ro console=ttyS0,115200 earlyprintk=serial,ttyS0,115200 intel_iommu=off"
+
+# GUEST_KERNEL="6.12.9-iommufd-nested-iova-contig-cb-opt"
+# GUEST_KERNEL_PATH="/boot-VM/vmlinuz-$GUEST_KERNEL"
+# GUEST_INITRD_PATH="/boot-VM/initrd.img-$GUEST_KERNEL"
+GUEST_KERNEL="6.12.9-iommufd"
+GUEST_KERNEL_PATH="/boot/vmlinuz-$GUEST_KERNEL"
+GUEST_INITRD_PATH="/boot/initrd.img-$GUEST_KERNEL"
+GUEST_VIOMMU="off" # nested/off
+NUM_VMS=12
+NUM_CORES="2"
+NUM_IPRF="1"
+NUM_FLOWS="1"
+REUSE=0
+
+# --- Hardcoded experiment config ---
+GIT_REPO="/home/schai/viommu"
+GIT_BRANCH="many-vm-setup"
+VM_SCRIPT="cd /home/schai/viommu/scripts/sosp24-experiments; ./many_vm_flows_exp.sh"
+
+# --- Host paths (this script runs ON the host) ---
+HOST_HOME="/home/lbalara"
+HOST_FandS_REL="viommu/ManyVM-FandS"
+HOST_SETUP_DIR="${HOST_HOME}/${HOST_FandS_REL}/utils"
+
+# --- Client machine config ---
+CLIENT_HOME="/home/siyuanc3"
+CLIENT_FandS_REL="Fast-and-Safe-IO-Memory-Protection"
+CLIENT_SETUP_DIR_REL="utils"
+CLIENT_INTF="ens1006np0"
+CLIENT_IP="192.168.101.3"
+
+# Client SSH (from host -> client)
+CLIENT_SSH_UNAME="siyuanc3"
+CLIENT_SSH_HOST="nexus03.csl.illinois.edu"
+CLIENT_SSH_PASSWORD="saksham"
+CLIENT_USE_PASS_AUTH=0
+CLIENT_SSH_IDENTITY_FILE="/home/lbalara/.ssh/id_rsa"
+
+# Client kernel validation
+CLIENT_EXPECTED_KERNEL="6.12.9"
+CLIENT_EXPECTED_IOMMU="intel_iommu=off"
+
+# --- Network & experiment parameters ---
+MTU=4000
+DDIO_ENABLED=1
+RING_BUFFER_SIZE=512
+TCP_SOCKET_BUF_MB=1
+
+# --- VM SSH settings (host -> guest VMs) ---
+SSH_USER="schai"
+SSH_KEY="/home/lbalara/.ssh/id_rsa"
+SSH_OPTS="-i $SSH_KEY -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ConnectTimeout=10 -o LogLevel=ERROR"
+
+XML_DIR="./generated"
+
+
+EXP_NAME=""
+IP_BASE="192.168.122.100"
+
+# --- SR-IOV settings ---
+VF_DRIVER="vfio-pci"
+
+# --- Timeouts ---
+BOOT_TIMEOUT=120  # seconds to poll SSH
+NIC_WAIT=120      # seconds to wait for guest NIC
+
+# --- Guest NIC interface name (SR-IOV VF) ---
+GUEST_NIC="enp0s1"
+
+# --- Host-side in-tree modules to push into guests ---
+HOST_MLX5_CORE="/lib/modules/$GUEST_KERNEL/kernel/drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.ko"
+HOST_MLXFW="/lib/modules/$GUEST_KERNEL/kernel/drivers/net/ethernet/mellanox/mlxfw/mlxfw.ko"
+
+# Save original directory
+ORIG_DIR="$(pwd)"
+
+# ============================================================
+# Argument parsing
+# ============================================================
+
+usage() {
+	cat <<-USAGE
+	Usage: $0 [OPTIONS]
+	  --num-cores N       Number of cores per VM experiment
+	  --num-flows N       Number of flows per VM experiment
+	  --num-vms N         Number of VMs (default: $NUM_VMS)
+	  --reuse             Reuse already-defined VMs (skip undefine/define, just start)
+	  --boot-timeout N    Seconds to wait for SSH per VM (default: $BOOT_TIMEOUT)
+	  -h, --help          Show this help
+	USAGE
+}
+
+while [[ $# -gt 0 ]]; do
+	case "$1" in
+	--num-vms)       NUM_VMS="$2";      shift 2 ;;
+	--num-cores)     NUM_CORES="$2";    shift 2 ;;
+	--num-flows)     NUM_FLOWS="$2";    shift 2 ;;
+	--reuse)         REUSE=1;           shift   ;;
+	--boot-timeout)  BOOT_TIMEOUT="$2"; shift 2 ;;
+	-h|--help)       usage; exit 0      ;;
+	*)               echo "Error: unknown option '$1'" >&2; usage >&2; exit 1 ;;
+	esac
+done
+
+if [[ -z "$NUM_CORES" || -z "$NUM_FLOWS" || -z "$NUM_VMS" || -z "$NUM_IPRF" ]]; then
+	echo "Error: --num-cores, --num-flows, --num-iperf, and --num-vms are required" >&2
+	usage >&2
+	exit 1
+fi
+
+# --- Build client SSH command ---
+CLIENT_SETUP_DIR="${CLIENT_HOME}/${CLIENT_FandS_REL}/${CLIENT_SETUP_DIR_REL}"
+
+if [ "$CLIENT_USE_PASS_AUTH" -eq 1 ]; then
+	SSH_CLIENT_CMD="sshpass -p $CLIENT_SSH_PASSWORD ssh ${CLIENT_SSH_UNAME}@${CLIENT_SSH_HOST}"
+else
+	SSH_CLIENT_CMD="ssh -i $CLIENT_SSH_IDENTITY_FILE ${CLIENT_SSH_UNAME}@${CLIENT_SSH_HOST}"
+fi
+
+GUEST_CMD_LINE=""
+if [[ "$GUEST_VIOMMU" == "nested" ]]; then
+  GUEST_CMD_LINE="$GUEST_CMD_LINE_NESTED"
+else
+  GUEST_CMD_LINE="$GUEST_CMD_LINE_OFF"
+fi
+
+# ============================================================
+# Helper functions
+# ============================================================
+
+log_info() {
+	echo "[INFO-$(date +%Y-%m-%d-%H:%M:%S)] [host] $1"
+}
+
+log_error() {
+	echo "[ERROR-$(date +%Y-%m-%d-%H:%M:%S)] [host] $1" >&2
+}
+
+parse_iommu_mode() {
+	local cmdline="${1:-$(</proc/cmdline)}"
+	local cl
+	cl="$(printf '%s' "$cmdline" | tr '[:upper:]' '[:lower:]')"
+
+	# Passthrough (separate case)
+	if [[ "$cl" =~ (^|[[:space:]])(iommu=pt|iommu\.passthrough=(1|on|y|yes|true))($|[[:space:]]) ]]; then
+		echo passthrough
+		return
+	fi
+
+	# Off
+	if [[ "$cl" =~ (^|[[:space:]])(noiommu|iommu=off|intel_iommu=off|amd_iommu=off)($|[[:space:]]) ]]; then
+		echo off
+		return
+	fi
+
+	# Strict
+	if [[ "$cl" =~ (^|[[:space:]])iommu\.strict=(1|on|y|yes|true)($|[[:space:]]) ]] || \
+	   [[ "$cl" =~ (^|[[:space:]])intel_iommu=([^[:space:]]*,)?strict([^[:space:]]*)($|[[:space:]]) ]] || \
+	   [[ "$cl" =~ (^|[[:space:]])amd_iommu=([^[:space:]]*,)?strict([^[:space:]]*)($|[[:space:]]) ]]; then
+		echo strict
+		return
+	fi
+
+	# Lazy (non-strict)
+	if [[ "$cl" =~ (^|[[:space:]])iommu\.strict=(0|off|n|no|false)($|[[:space:]]) ]] || \
+	   [[ "$cl" =~ (^|[[:space:]])intel_iommu=([^[:space:]]*,)?nonstrict([^[:space:]]*)($|[[:space:]]) ]] || \
+	   [[ "$cl" =~ (^|[[:space:]])amd_iommu=([^[:space:]]*,)?nonstrict([^[:space:]]*)($|[[:space:]]) ]]; then
+		echo lazy
+		return
+	fi
+
+	# Explicitly enabled but no strictness specified → assume strict
+	if [[ "$cl" =~ (^|[[:space:]])(iommu=on|intel_iommu=on|amd_iommu=on)($|[[:space:]]) ]]; then
+		echo strict
+		return
+	fi
+
+	# Default if unspecified
+	echo strict
+}
+
+vm_ip() {
+	local idx=$1
+	local prefix="${IP_BASE%.*}"
+	local base_last_octet="${IP_BASE##*.}"
+	echo "${prefix}.$((base_last_octet + idx))"
+}
+
+destroy_all_running_vms() {
+	log_info "Shutting down any running VMs..."
+	for vm in $(virsh list --name 2>/dev/null | grep -v '^$'); do
+		echo "  Destroying: $vm"
+		virsh destroy "$vm" 2>/dev/null || true
+	done
+	sleep 2
+}
+
+wait_for_ssh() {
+	local ip=$1
+	local name=$2
+	local elapsed=0
+
+	while [[ $elapsed -lt $BOOT_TIMEOUT ]]; do
+		if ssh $SSH_OPTS "$SSH_USER@$ip" true 2>/dev/null; then
+			echo "  ${name} (${ip}): SSH reachable after ${elapsed}s"
+			return 0
+		fi
+		sleep 5
+		elapsed=$((elapsed + 5))
+	done
+
+	log_error "${name} (${ip}): SSH not reachable after ${BOOT_TIMEOUT}s"
+	return 1
+}
+
+wait_for_nic() {
+	local ip=$1
+	local name=$2
+
+	if ssh $SSH_OPTS "$SSH_USER@$ip" "ip link show $GUEST_NIC" &>/dev/null; then
+		echo "  ${name} (${ip}): $GUEST_NIC already up"
+		return 0
+	fi
+
+	echo "  ${name} (${ip}): $GUEST_NIC not found, pushing in-tree mlx5 modules..."
+	scp $SSH_OPTS "$HOST_MLX5_CORE" "$HOST_MLXFW" "$SSH_USER@$ip:/tmp/" &>/dev/null
+	scp $SSH_OPTS /tmp/modules.tar.gz "$SSH_USER@$ip:/tmp/" &>/dev/null
+
+	ssh $SSH_OPTS "$SSH_USER@$ip" "
+		sudo tar xzf /tmp/modules.tar.gz -C /lib/modules/$(uname -r)/
+		sudo rm -f /lib/modules/\$(uname -r)/updates/dkms/mlx5_core.ko \
+		           /lib/modules/\$(uname -r)/updates/dkms/mlx5-vfio-pci.ko \
+		           /lib/modules/\$(uname -r)/updates/dkms/mlxfw.ko \
+		           /lib/modules/\$(uname -r)/updates/dkms/mlx_compat.ko \
+		           /lib/modules/\$(uname -r)/updates/dkms/mlxdevm.ko
+		sudo mkdir -p /lib/modules/\$(uname -r)/kernel/drivers/net/ethernet/mellanox/mlx5/core
+		sudo mkdir -p /lib/modules/\$(uname -r)/kernel/drivers/net/ethernet/mellanox/mlxfw
+		sudo cp /tmp/mlx5_core.ko /lib/modules/\$(uname -r)/kernel/drivers/net/ethernet/mellanox/mlx5/core/
+		sudo cp /tmp/mlxfw.ko /lib/modules/\$(uname -r)/kernel/drivers/net/ethernet/mellanox/mlxfw/
+		sudo depmod -a 2>/dev/null
+		sudo modprobe mlx5_core 2>/dev/null
+		sudo modprobe msr 2>/dev/null
+	" &>/dev/null
+
+	local elapsed=0
+	while [[ $elapsed -lt $NIC_WAIT ]]; do
+		if ssh $SSH_OPTS "$SSH_USER@$ip" "ip link show $GUEST_NIC" &>/dev/null; then
+			echo "  ${name} (${ip}): $GUEST_NIC ready after ${elapsed}s"
+			return 0
+		fi
+		sleep 5
+		elapsed=$((elapsed + 5))
+		echo "  ${name} (${ip}): waiting for $GUEST_NIC... (${elapsed}s/${NIC_WAIT}s)"
+	done
+
+	log_error "${name} (${ip}): $GUEST_NIC not found after ${NIC_WAIT}s"
+	return 1
+}
+
+sync_git_repo() {
+	local ip=$1
+	local name=$2
+
+	echo "  ${name} (${ip}): git checkout ${GIT_BRANCH} + pull..."
+	ssh $SSH_OPTS "$SSH_USER@$ip" "
+		cd ${GIT_REPO} && \
+		git fetch --all && \
+		git reset --hard HEAD && \
+		git checkout ${GIT_BRANCH} && \
+		git reset --hard origin/${GIT_BRANCH}
+	"
+	if [[ $? -ne 0 ]]; then
+		log_error "${name} (${ip}): git sync failed"
+		return 1
+	fi
+	echo "  ${name} (${ip}): git repo synced"
+}
+
+# --- Client kernel check (run once from host) ---
+check_client_kernel() {
+	log_info "Checking client kernel and IOMMU config..."
+
+	local client_kernel
+	client_kernel=$($SSH_CLIENT_CMD 'uname -r')
+	local client_cmdline
+	client_cmdline=$($SSH_CLIENT_CMD 'cat /proc/cmdline')
+
+	if [[ "$client_kernel" != *"$CLIENT_EXPECTED_KERNEL"* ]]; then
+		log_error "Client kernel mismatch. Expected: $CLIENT_EXPECTED_KERNEL, Actual: $client_kernel"
+		return 1
+	fi
+
+	if [[ "$client_cmdline" != *"$CLIENT_EXPECTED_IOMMU"* ]]; then
+		log_error "Client IOMMU mismatch. Expected: $CLIENT_EXPECTED_IOMMU, Actual: $client_cmdline"
+		return 1
+	fi
+
+	log_info "Client kernel check PASSED (kernel=$client_kernel)"
+}
+
+# --- Client environment setup (run once from host before experiments) ---
+setup_client() {
+	log_info "Setting up client environment on $CLIENT_SSH_HOST..."
+
+	# Disable flow control
+	log_info "Disabling TX/RX pause on client interface $CLIENT_INTF"
+	$SSH_CLIENT_CMD "sudo ethtool --pause $CLIENT_INTF tx off rx off"
+
+	# Disable SMT
+	log_info "Disabling SMT on client"
+	$SSH_CLIENT_CMD "echo off | sudo tee /sys/devices/system/cpu/smt/control"
+
+	# Run client setup-envir.sh
+	log_info "Running client setup-envir.sh..."
+	$SSH_CLIENT_CMD "cd '$CLIENT_SETUP_DIR'; \
+		sudo bash setup-envir.sh \
+			--dep '$CLIENT_HOME' \
+			--intf '$CLIENT_INTF' \
+			--ip '$CLIENT_IP' \
+			-m '$MTU' \
+			-d '$DDIO_ENABLED' \
+			-r '$RING_BUFFER_SIZE' \
+			--socket-buf '$TCP_SOCKET_BUF_MB' \
+			--hwpref 1 --rdma 0 --pfc 0 --ecn 1 --opt 1"
+
+	$SSH_CLIENT_CMD "sudo pkill -9 -f iperf"
+
+	log_info "Client setup complete"
+}
+
+# --- Host environment setup (run locally, this IS the host) ---
+setup_host() {
+	log_info "Setting up host environment..."
+
+	cd "$HOST_SETUP_DIR" || { log_error "Failed to cd to $HOST_SETUP_DIR"; return 1; }
+	sudo bash setup-host.sh \
+		-m "$MTU" \
+		--socket-buf "$TCP_SOCKET_BUF_MB" \
+		--hwpref 1 --rdma 0 --ecn 1
+	cd "$ORIG_DIR"
+
+	log_info "Host setup complete"
+}
+
+# --- Cleanup (post-experiment) ---
+cleanup() {
+	echo ""
+	log_info "=== Cleanup ==="
+
+	# Sync guest filesystems
+	log_info "Syncing VM filesystems..."
+	for ((i = 0; i < NUM_VMS; i++)); do
+		local ip
+		ip=$(vm_ip "$i")
+		ssh $SSH_OPTS "$SSH_USER@$ip" "sync" 2>/dev/null || true
+	done
+	sleep 2
+
+	# Destroy VMs and kill console loggers
+	log_info "Destroying VMs..."
+	for ((i = 0; i < NUM_VMS; i++)); do
+		echo "  Destroying: ${vm_names[$i]}"
+		virsh destroy "${vm_names[$i]}" 2>/dev/null || true
+		if [[ -n "${console_pids[$i]:-}" ]]; then
+			kill "${console_pids[$i]}" 2>/dev/null || true
+			wait "${console_pids[$i]}" 2>/dev/null || true
+		fi
+	done
+
+	# Reset SR-IOV
+	log_info "Resetting SR-IOV..."
+	sudo ./sriov_undo.sh
+
+	# Host reset
+	log_info "Running host reset..."
+	cd "$HOST_SETUP_DIR" || { log_error "Failed to cd to $HOST_SETUP_DIR"; return; }
+	sudo ./reset-host.sh
+	cd "$ORIG_DIR"
+
+	log_info "=== Cleanup complete ==="
+}
+
+# ============================================================
+# Main
+# ============================================================
+
+host_cmdline=$(cat /proc/cmdline)
+host_iommu_config=$(parse_iommu_mode "$host_cmdline")
+
+iommu_config="host-${host_iommu_config}-guest-${GUEST_VIOMMU}"
+echo "iommu_config: $iommu_config"
+
+log_info "Doing sriov undo"
+sudo ./sriov_undo.sh
+
+# --- Step 1: Generate XML files ---
+if [[ $REUSE -eq 0 ]]; then
+	rm -rf ./generated
+	./xml_generator.sh --kernel "$GUEST_KERNEL_PATH" --initrd "$GUEST_INITRD_PATH" --cmdline "$GUEST_CMD_LINE" \
+		--vcpus $NUM_CORES --num-vms $NUM_VMS --viommu $GUEST_VIOMMU
+fi
+
+timestamp=$(date '+%Y-%m-%d-%H-%M-%S')
+EXP_NAME="${timestamp}-$GUEST_KERNEL-MANY-flow${NUM_FLOWS}-${iommu_config}-${NUM_CORES}cores-${NUM_IPRF}iprf"
+
+echo "============================================================"
+echo "  VM Benchmark Runner"
+echo "============================================================"
+echo "  VMs:       ${NUM_VMS}"
+echo "  XML dir:   ${XML_DIR}"
+echo "  Reuse:     ${REUSE}"
+echo "  Branch:    ${GIT_BRANCH}"
+echo "  Cores:     ${NUM_CORES}"
+echo "  Iperf:     ${NUM_IPRF}"
+echo "  Flows:     ${NUM_FLOWS}"
+echo "  Exp name:  ${EXP_NAME}"
+echo "  MTU:       ${MTU}"
+echo "  Ring buf:  ${RING_BUFFER_SIZE}"
+echo "  Socket buf: ${TCP_SOCKET_BUF_MB} MB"
+echo "============================================================"
+echo ""
+
+# --- Step 2: Discover XML files and VM names ---
+log_info "Step 1: Discovering VM XML files..."
+xml_files=()
+for f in "${XML_DIR}"/*.xml; do
+	[[ -f "$f" ]] || continue
+	xml_files+=("$f")
+done
+
+if [[ ${#xml_files[@]} -lt $NUM_VMS ]]; then
+	log_error "Found ${#xml_files[@]} XML files in ${XML_DIR}, need ${NUM_VMS}"
+	exit 1
+fi
+
+IFS=$'\n' xml_files=($(sort <<<"${xml_files[*]}")); unset IFS
+
+vm_names=()
+for ((i = 0; i < NUM_VMS; i++)); do
+	xml="${xml_files[$i]}"
+	vm_name=$(grep -oP '(?<=<name>)[^<]+' "$xml")
+	vm_names+=("$vm_name")
+	echo "  VM${i}: ${vm_name}"
+done
+
+# --- Step 3: Destroy any running VMs ---
+echo ""
+log_info "Step 3: Destroying any running VMs..."
+destroy_all_running_vms
+
+# --- Step 4: Define or reuse VMs ---
+echo ""
+if [[ $REUSE -eq 0 ]]; then
+	log_info "Step 4: Defining VMs from ${XML_DIR}..."
+	for ((i = 0; i < NUM_VMS; i++)); do
+		xml="${xml_files[$i]}"
+		name="${vm_names[$i]}"
+
+		if virsh dominfo "$name" &>/dev/null; then
+			echo "  ${name}: already exists, undefining..."
+			virsh undefine "$name" 2>/dev/null || true
+		fi
+
+		virsh define "$xml"
+		echo "  Defined: ${name} (from ${xml})"
+	done
+else
+	log_info "Step 4: Reusing already-defined VMs..."
+	for ((i = 0; i < NUM_VMS; i++)); do
+		name="${vm_names[$i]}"
+		if ! virsh dominfo "$name" &>/dev/null; then
+			log_error "${name} is not defined. Run without --reuse first."
+			exit 1
+		fi
+		echo "  Reusing: ${name}"
+	done
+fi
+
+# --- Step 5: Check client kernel ---
+echo ""
+log_info "Step 5: Checking client kernel..."
+if ! check_client_kernel; then
+	log_error "Client kernel check failed, aborting"
+	cleanup
+	exit 1
+fi
+
+# --- Step 6: Setup client environment ---
+# Setup before so we have access to device
+echo ""
+log_info "Step 6: Setting up client environment..."
+if ! setup_client; then
+	log_error "Client setup failed, aborting"
+	cleanup
+	exit 1
+fi
+
+# --- Step 7: Configure SR-IOV ---
+echo ""
+log_info "Step 7: Configuring SR-IOV (${NUM_VMS} VFs)..."
+sudo ./sriov.sh "$NUM_VMS"
+
+# --- Step 8: Start all VMs + attach console loggers ---
+echo ""
+log_info "Step 8: Starting VMs..."
+console_pids=()
+for ((i = 0; i < NUM_VMS; i++)); do
+	name="${vm_names[$i]}"
+	virsh start "$name"
+	sleep 2
+	script -q -c "virsh console $name" "${name}.log" > /dev/null 2>&1 &
+	console_pids+=($!)
+	echo "  Started: ${name} (console -> ${name}.log)"
+done
+
+# --- Step 9: Wait for SSH on all VMs ---
+echo ""
+log_info "Step 9: Waiting for SSH (timeout: ${BOOT_TIMEOUT}s per VM)..."
+failed=0
+for ((i = 0; i < NUM_VMS; i++)); do
+	ip=$(vm_ip "$i")
+	if ! wait_for_ssh "$ip" "${vm_names[$i]}"; then
+		failed=$((failed + 1))
+	fi
+done
+
+if [[ $failed -gt 0 ]]; then
+	log_error "${failed} VM(s) not reachable via SSH, aborting"
+	cleanup
+	exit 1
+fi
+
+# --- Step 10: Fix mlx5 modules and wait for guest NIC ---
+echo ""
+log_info "Step 10: Waiting for guest NIC ($GUEST_NIC)..."
+failed=0
+tar czf /tmp/modules.tar.gz -C /lib/modules/$GUEST_KERNEL .
+for ((i = 0; i < NUM_VMS; i++)); do
+	ip=$(vm_ip "$i")
+	if ! wait_for_nic "$ip" "${vm_names[$i]}"; then
+		failed=$((failed + 1))
+	fi
+done
+
+if [[ $failed -gt 0 ]]; then
+	log_error "${failed} VM(s) missing $GUEST_NIC, aborting"
+	cleanup
+	exit 1
+fi
+
+# --- Step 11: Sync git repo on all VMs ---
+echo ""
+log_info "Step 11: Syncing git repo (${GIT_BRANCH})..."
+failed=0
+for ((i = 0; i < NUM_VMS; i++)); do
+	ip=$(vm_ip "$i")
+	if ! sync_git_repo "$ip" "${vm_names[$i]}"; then
+		failed=$((failed + 1))
+	fi
+done
+
+if [[ $failed -gt 0 ]]; then
+	log_error "${failed} VM(s) failed git sync, aborting"
+	cleanup
+	exit 1
+fi
+
+
+# --- Step 12: Setup host environment ---
+echo ""
+log_info "Step 12: Setting up host environment..."
+if ! setup_host; then
+	log_error "Host setup failed, aborting"
+	cleanup
+	exit 1
+fi
+
+# --- Step 13: Run experiment on all VMs simultaneously ---
+echo ""
+log_info "Step 13: Launching experiments on all VMs..."
+echo "  Script:    ${VM_SCRIPT}"
+echo "  Cores:     ${NUM_CORES}"
+echo "  Iperf:     ${NUM_IPRF}"
+echo "  Flows:     ${NUM_FLOWS}"
+echo "  Exp name:  ${EXP_NAME}"
+echo ""
+
+ssh_pids=()
+for ((i = 0; i < NUM_VMS; i++)); do
+	ip=$(vm_ip "$i")
+	name="${vm_names[$i]}"
+
+	vm_cmd="${VM_SCRIPT} --vm-name ${name} --num-cores ${NUM_IPRF} --num-flows ${NUM_FLOWS} --exp-name ${EXP_NAME}-${name}"
+	ssh $SSH_OPTS "$SSH_USER@$ip" "$vm_cmd" &>"${name}_experiment.log" &
+	ssh_pids+=($!)
+	echo "  Launched on ${name} (${ip}), log -> ${name}_experiment.log"
+done
+
+echo ""
+log_info "All experiments launched. Waiting for completion..."
+
+any_failed=false
+for ((i = 0; i < NUM_VMS; i++)); do
+	name="${vm_names[$i]}"
+	wait "${ssh_pids[$i]}"
+	rc=$?
+	if [[ $rc -eq 0 ]]; then
+		echo "  ${name}: finished (exit 0)"
+	else
+		echo "  ${name}: FAILED (exit $rc)"
+		any_failed=true
+	fi
+done
+
+# --- Step 14: Cleanup ---
+echo ""
+log_info "Step 14: Cleanup..."
+cleanup
+
+if [[ "$any_failed" == true ]]; then
+	echo ""
+	log_info "=== Experiment finished with ERRORS (check *_experiment.log files) ==="
+	exit 1
+else
+	echo ""
+	log_info "=== Experiment finished successfully ==="
+	exit 0
+fi
\ No newline at end of file
diff --git a/multi_vms/sriov.sh b/multi_vms/sriov.sh
new file mode 100755
index 000000000..e22f5198e
--- /dev/null
+++ b/multi_vms/sriov.sh
@@ -0,0 +1,54 @@
+#!/bin/bash
+
+set -euo pipefail
+
+PF_BDF="0000:98:00.0"
+NUM_VFS="${1:?Usage: $0 <num_vfs>}"
+PF_SYSFS="/sys/bus/pci/devices/$PF_BDF"
+
+log_info()  { echo "[INFO]  $1"; }
+log_warn()  { echo "[WARN]  $1"; }
+log_error() { echo "[ERROR] $1"; }
+
+[[ $EUID -eq 0 ]] || { echo "Run as root."; exit 1; }
+
+get_drv() {
+    local d="/sys/bus/pci/devices/$1/driver"
+    if [[ -L "$d" ]]; then
+        basename "$(readlink "$d")"
+    else
+        echo "none"
+    fi
+}
+
+modprobe -q mlx5_core || true
+pf_drv=$(get_drv "$PF_BDF")
+echo "PF driver: $pf_drv"
+ 
+if [[ "$pf_drv" != "mlx5_core" ]]; then
+    if [[ "$pf_drv" != "none" ]]; then
+        echo "$PF_BDF" > "/sys/bus/pci/drivers/$pf_drv/unbind"
+    fi
+    echo "mlx5_core" > "$PF_SYSFS/driver_override"
+    echo "$PF_BDF" > /sys/bus/pci/drivers_probe
+    echo "" > "$PF_SYSFS/driver_override"
+    echo "PF bound to mlx5_core"
+fi
+
+echo 0 > "$PF_SYSFS/sriov_numvfs"
+echo "$NUM_VFS" > "$PF_SYSFS/sriov_numvfs"
+echo "Created $NUM_VFS VFs"
+
+modprobe -q vfio-pci
+echo 1 | sudo tee /sys/module/vfio_pci/parameters/enable_sriov
+
+for i in $(seq 0 $((NUM_VFS - 1))); do
+    vf_bdf=$(basename "$(readlink -f "$PF_SYSFS/virtfn${i}")")
+    vf_drv=$(basename "$(readlink -f "/sys/bus/pci/devices/$vf_bdf/driver")" 2>/dev/null || echo "none")
+    [[ "$vf_drv" != "none" ]] && echo "$vf_bdf" > "/sys/bus/pci/drivers/$vf_drv/unbind"
+    echo "vfio-pci" > "/sys/bus/pci/devices/$vf_bdf/driver_override"
+    echo "$vf_bdf" > /sys/bus/pci/drivers_probe
+    echo "" > "/sys/bus/pci/devices/$vf_bdf/driver_override"
+    grp=$(basename "$(readlink -f "/sys/bus/pci/devices/$vf_bdf/iommu_group")")
+    echo "VF $((i+1)): $vf_bdf  iommu_group=$grp"
+done
diff --git a/multi_vms/sriov_undo.sh b/multi_vms/sriov_undo.sh
new file mode 100755
index 000000000..55232132e
--- /dev/null
+++ b/multi_vms/sriov_undo.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+PF_BDF="0000:98:00.0"
+PF_SYSFS="/sys/bus/pci/devices/$PF_BDF"
+
+get_drv() {
+    local d="/sys/bus/pci/devices/$1/driver"
+    if [[ -L "$d" ]]; then
+        basename "$(readlink "$d")"
+    else
+        echo "none"
+    fi
+}
+
+modprobe -q mlx5_core || true
+pf_drv=$(get_drv "$PF_BDF")
+echo "PF driver: $pf_drv"
+
+
+if [[ "$pf_drv" != "mlx5_core" ]]; then
+    if [[ "$pf_drv" != "none" ]]; then
+        echo "$PF_BDF" > "/sys/bus/pci/drivers/$pf_drv/unbind"
+    fi
+    echo "mlx5_core" > "$PF_SYSFS/driver_override"
+    echo "$PF_BDF" > /sys/bus/pci/drivers_probe
+    echo "" > "$PF_SYSFS/driver_override"
+    echo "PF bound to mlx5_core"
+fi
+
+# Destroy VFS
+echo 0 > "$PF_SYSFS/sriov_numvfs"
+
+# Rebind physical function for passthrough
+# echo "0000:98:00.0" | sudo tee /sys/bus/pci/drivers/mlx5_core/unbind
+# echo "vfio-pci" | sudo tee /sys/bus/pci/devices/0000:98:00.0/driver_override
+# echo "0000:98:00.0" | sudo tee /sys/bus/pci/drivers/vfio-pci/bind
+
diff --git a/multi_vms/xml_generator.sh b/multi_vms/xml_generator.sh
new file mode 100755
index 000000000..018d1974a
--- /dev/null
+++ b/multi_vms/xml_generator.sh
@@ -0,0 +1,299 @@
+#!/bin/bash
+# Generate libvirt XML configs for nested vIOMMU VMs with VFIO passthrough.
+#
+# Each VM gets:
+#   - VF at 0000:98:00.<i+1>
+#   - Disk at /data/server_small_<i>.qcow2
+#   - vCPUs pinned starting at cpuset 64 + i * vcpus
+#   - Unique MAC address
+#
+# Usage:
+#   ./xml-generator.sh --kernel /boot/vmlinuz-6.12.9-iommufd \
+#                   --initrd /boot/initrd.img-6.12.9-iommufd \
+#                   --vcpus 16 --num-vms 4 --viommu on \
+#                   --cmdline "root=/dev/vda2 ro console=ttyS0,115200 intel_iommu=on,sm_on iommu.strict=1"
+
+set -euo pipefail
+
+# --- Defaults ---
+NUM_VMS=2
+VCPUS=16
+VIOMMU="nested"
+KERNEL="/boot/vmlinuz-6.12.9-iommufd"
+INITRD="/boot/initrd.img-6.12.9-iommufd"
+CMDLINE="root=/dev/vda2 ro console=ttyS0,115200 earlyprintk=serial,ttyS0,115200 intel_iommu=on,sm_on iommu.strict=1"
+TAG="vanilla"
+OUTPUT_DIR="./generated"
+
+QEMU_BIN="/home/lbalara/viommu/qemu-nested/build/qemu-system-x86_64"
+BIOS="/home/lbalara/viommu/qemu-nested/pc-bios/bios-256k.bin"
+
+# --- Mostly static configs ---
+CPU_START=64
+NUMA_NODE=2
+MEMORY_KIB=14680064  # 32 GiB
+
+MAX_VMS=16
+
+usage() {
+	cat <<-USAGE
+	Usage: $0 [OPTIONS]
+
+	Required:
+	  --kernel PATH       Full path to kernel image
+	  --initrd PATH       Full path to initrd image
+	  --cmdline STRING    Full kernel command line
+
+	Optional:
+	  --vcpus N           vCPUs per VM (default: 16)
+	  --num-vms N         Number of VMs to generate, max $MAX_VMS (default: 2)
+	  --viommu nested|off     Enable vIOMMU + iommufd passthrough (default: nested)
+	  --qemu PATH         QEMU binary path (default: $QEMU_BIN)
+	  --bios PATH         BIOS image path (default: $BIOS)
+	  --output-dir DIR    Output directory for XML files (default: .)
+	  --cpu-start N       First physical CPU for pinning (default: $CPU_START)
+	  --numa-node N       NUMA node for memory binding (default: $NUMA_NODE)
+	  -h, --help          Show this help
+	USAGE
+}
+
+# --- Parse arguments ---
+while [[ $# -gt 0 ]]; do
+	case "$1" in
+	--kernel)      KERNEL="$2";     shift 2 ;;
+	--initrd)      INITRD="$2";     shift 2 ;;
+	--cmdline)     CMDLINE="$2";    shift 2 ;;
+	--vcpus)       VCPUS="$2";      shift 2 ;;
+	--num-vms)     NUM_VMS="$2";    shift 2 ;;
+	--viommu)      VIOMMU="$2";     shift 2 ;;
+	--qemu)        QEMU_BIN="$2";   shift 2 ;;
+	--bios)        BIOS="$2";       shift 2 ;;
+	--output-dir)  OUTPUT_DIR="$2"; shift 2 ;;
+	--cpu-start)   CPU_START="$2";  shift 2 ;;
+	--numa-node)   NUMA_NODE="$2";  shift 2 ;;
+  --tag)         TAG="$2";        shift 2 ;;
+	-h|--help)     usage; exit 0    ;;
+	*)             echo "Error: unknown option '$1'" >&2; usage >&2; exit 1 ;;
+	esac
+done
+
+# --- Validate ---
+err=0
+for var in KERNEL INITRD CMDLINE; do
+	if [[ -z "${!var}" ]]; then
+		echo "Error: --$(echo "$var" | tr '[:upper:]' '[:lower:]') is required" >&2
+		err=1
+	fi
+done
+[[ $err -ne 0 ]] && exit 1
+
+if [[ "$VIOMMU" != "nested" && "$VIOMMU" != "off" ]]; then
+	echo "Error: --viommu must be 'nested' or 'off'" >&2
+	exit 1
+fi
+
+if [[ "$NUM_VMS" -lt 1 || "$NUM_VMS" -gt "$MAX_VMS" ]]; then
+	echo "Error: --num-vms must be between 1 and $MAX_VMS" >&2
+	exit 1
+fi
+
+mkdir -p "$OUTPUT_DIR"
+
+# --- Helper: generate vcpupin entries ---
+gen_vcpupin() {
+	local cpu_base=$1
+	local nvcpus=$2
+	local i
+
+	for ((i = 0; i < nvcpus; i++)); do
+		printf "    <vcpupin vcpu='%d' cpuset='%d'/>\n" "$i" "$((cpu_base + i))"
+	done
+}
+
+# --- Helper: generate pcie-root-port controllers ---
+gen_pcie_root_ports() {
+	local idx
+	local port
+	local slot
+	local func
+
+	for ((idx = 1; idx <= 14; idx++)); do
+		port=$((0x0f + idx))
+		if [[ $idx -le 8 ]]; then
+			slot=2
+			func=$((idx - 1))
+		else
+			slot=3
+			func=$((idx - 9))
+		fi
+
+		local mf=""
+		if [[ $func -eq 0 ]]; then
+			mf=" multifunction='on'"
+		fi
+
+		cat <<-PORT
+		    <controller type='pci' index='$idx' model='pcie-root-port'>
+		      <model name='pcie-root-port'/>
+		      <target chassis='$idx' port='$(printf '0x%x' "$port")'/>
+		      <address type='pci' domain='0x0000' bus='0x00' slot='$(printf '0x%02x' "$slot")' function='$(printf '0x%x' "$func")'${mf}/>
+		    </controller>
+		PORT
+	done
+}
+
+# --- Generate VM XMLs ---
+for ((vm = 0; vm < NUM_VMS; vm++)); do
+	vm_name="${TAG}-generated-iommufd-${VIOMMU}-vcpu${VCPUS}-vm${vm}"
+  vf_num=$((vm + 1))
+  vf_dev=$(printf '%02x' $((vf_num / 8)))
+  vf_func=$((vf_num % 8))
+  vf_pci="0000:98:${vf_dev}.${vf_func}"
+  if [[ $vm -eq 0 ]]; then
+    disk="/data/server_small.qcow2"
+  else
+    disk="/data/server_small${vf_num}.qcow2"
+  fi
+	cpu_base=$((CPU_START + vm * VCPUS))
+	mac_last=$(printf '%02x' $(( (0xe2 + vm) & 0xff )))
+	mac="52:54:00:14:26:${mac_last}"
+	outfile="${OUTPUT_DIR}/${TAG}-iommufd-${VIOMMU}-vcpu${VCPUS}-vm${vm}.xml"
+
+	cat > "$outfile" <<EOF
+<domain type='kvm' xmlns:qemu='http://libvirt.org/schemas/domain/qemu/1.0'>
+  <name>${vm_name}</name>
+  <metadata>
+    <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
+      <libosinfo:os id="http://ubuntu.com/ubuntu/20.04"/>
+    </libosinfo:libosinfo>
+  </metadata>
+  <memory unit='KiB'>${MEMORY_KIB}</memory>
+  <currentMemory unit='KiB'>${MEMORY_KIB}</currentMemory>
+  <vcpu placement='static'>${VCPUS}</vcpu>
+  <numatune>
+    <memory mode='strict' nodeset='${NUMA_NODE}'/>
+  </numatune>
+  <cputune>
+$(gen_vcpupin "$cpu_base" "$VCPUS")
+  </cputune>
+  <resource>
+    <partition>/machine</partition>
+  </resource>
+  <os>
+    <type arch='x86_64' machine='q35'>hvm</type>
+    <kernel>${KERNEL}</kernel>
+    <initrd>${INITRD}</initrd>
+    <cmdline>${CMDLINE}</cmdline>
+    <loader>${BIOS}</loader>
+    <boot dev='hd'/>
+  </os>
+  <features>
+    <acpi/>
+    <apic/>
+    <ioapic driver='qemu'/>
+  </features>
+  <cpu mode='host-passthrough' check='none'/>
+  <clock offset='utc'>
+    <timer name='rtc' tickpolicy='catchup'/>
+    <timer name='pit' tickpolicy='delay'/>
+  </clock>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <pm>
+    <suspend-to-mem enabled='no'/>
+    <suspend-to-disk enabled='no'/>
+  </pm>
+  <devices>
+    <emulator>${QEMU_BIN}</emulator>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='qcow2' discard='unmap'/>
+      <source file='${disk}' index='2'/>
+      <backingStore/>
+      <target dev='vda' bus='virtio'/>
+      <alias name='virtio-disk0'/>
+      <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
+    </disk>
+    <disk type='file' device='cdrom'>
+      <driver name='qemu'/>
+      <target dev='sda' bus='sata'/>
+      <readonly/>
+      <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+    </disk>
+    <controller type='usb' index='0' model='qemu-xhci' ports='15'>
+      <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/>
+    </controller>
+    <controller type='pci' index='0' model='pcie-root'/>
+$(gen_pcie_root_ports)
+    <controller type='sata' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
+    </controller>
+    <controller type='virtio-serial' index='0'>
+      <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
+    </controller>
+    <interface type='network'>
+      <mac address='${mac}'/>
+      <source network='default'/>
+      <model type='virtio'/>
+      <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
+    </interface>
+    <serial type='pty'>
+      <target type='isa-serial' port='0'>
+        <model name='isa-serial'/>
+      </target>
+    </serial>
+    <console type='pty'>
+      <target type='serial' port='0'/>
+      <alias name='serial0'/>
+    </console>
+    <channel type='unix'>
+      <target type='virtio' name='org.qemu.guest_agent.0' state='disconnected'/>
+      <alias name='channel0'/>
+      <address type='virtio-serial' controller='0' bus='0' port='1'/>
+    </channel>
+    <input type='tablet' bus='usb'>
+      <alias name='input0'/>
+      <address type='usb' bus='0' port='1'/>
+    </input>
+    <input type='mouse' bus='ps2'>
+      <alias name='input1'/>
+    </input>
+    <input type='keyboard' bus='ps2'>
+      <alias name='input2'/>
+    </input>
+    <video>
+      <model type='virtio' heads='1' primary='yes'/>
+      <alias name='video0'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x08' function='0x0'/>
+    </video>
+    <memballoon model='virtio'>
+      <alias name='balloon0'/>
+      <address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
+    </memballoon>
+    <rng model='virtio'>
+      <backend model='random'>/dev/urandom</backend>
+      <alias name='rng0'/>
+      <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/>
+    </rng>
+  </devices>
+  <seclabel type='dynamic' model='dac' relabel='yes'>
+    <label>+64055:+108</label>
+    <imagelabel>+64055:+108</imagelabel>
+  </seclabel>
+  <qemu:commandline>
+    <qemu:arg value='-M'/>
+    <qemu:arg value='kernel_irqchip=split'/>
+    <qemu:arg value='-object'/>
+    <qemu:arg value='iommufd,id=iommufd0'/>
+    <qemu:arg value='-device'/>
+    <qemu:arg value='intel-iommu,intremap=on,caching-mode=on,x-scalable-mode=on,x-flts=on'/>
+    <qemu:arg value='-device'/>
+    <qemu:arg value='vfio-pci,host=${vf_pci},id=hostdev0,iommufd=iommufd0'/>
+  </qemu:commandline>
+</domain>
+EOF
+
+	echo "Generated: ${outfile}  (${vm_name}, VF=${vf_pci}, CPUs=${cpu_base}-$((cpu_base + VCPUS - 1)), disk=${disk})"
+done
+
+echo "Done: ${NUM_VMS} VM config(s) in ${OUTPUT_DIR}/"
\ No newline at end of file
diff --git a/scripts/many-vm-collect-tput-stats.py b/scripts/many-vm-collect-tput-stats.py
new file mode 100755
index 000000000..c8f767604
--- /dev/null
+++ b/scripts/many-vm-collect-tput-stats.py
@@ -0,0 +1,161 @@
+import sys
+import numpy as np
+import statistics
+import subprocess
+import os
+import csv
+
+# TODO: Leshna, Combine both vm and baremetal stat collector with file names as parameters.
+
+EXP_NAME = sys.argv[1]
+NUM_RUNS = int(sys.argv[2])
+COLLECT_MLC_TPUT = int(sys.argv[3])
+
+FILE_NAME = "../utils/reports/" + EXP_NAME
+command = 'mkdir -p ' + FILE_NAME
+result = subprocess.run(command, shell=True, capture_output=True, text=True)
+
+net_tputs = []
+retx_rates = []
+sent_packets = []
+mem_bws = []
+cpu_utils = []
+mlc_tputs = []
+
+pcie_wr_tput = []
+iotlb_first_lookup = []
+iotlb_all_lookup = []
+iotlb_miss = []
+iommu_mem_access = []
+iotlb_inv = []
+pwt_occupancy = []
+mem_used = []
+
+
+# iotlb_hits = []
+# ctx_lookup = []
+# ctx_hits   = []
+# ctxt_misses = []
+# cache_lookup   = []
+# cache_hit_256T = []
+# cache_hit_512G = []
+# cache_hit_1G   = []
+# cache_hit_2M   = []
+# cache_fills    = []
+
+for i in range(NUM_RUNS):
+    target_dir = FILE_NAME + '-RUN-' + str(i)
+    target_file = target_dir + '/iperf.bw.rpt'
+
+    print("\n=== DEBUGGING INFO ===")
+    print(f"1. Current Working Directory (pwd): {os.getcwd()}")
+    print(f"2. Target Directory: {target_dir}")
+    print(f"3. Target File: {target_file}")
+
+    # Check if the directory even exists
+    if os.path.exists(target_dir):
+        print(f"4. Directory EXISTS. Contents (ls):")
+        try:
+            files_in_dir = os.listdir(target_dir)
+            if not files_in_dir:
+                print("   [Directory is completely empty!]")
+            else:
+                for f in files_in_dir:
+                    print(f"   - {f}")
+        except Exception as e:
+            print(f"   [Error trying to list directory contents: {e}]")
+    else:
+        print(f"4. CRITICAL: The directory {target_dir} DOES NOT EXIST at this exact moment!")
+
+    print("======================\n")
+
+
+    with open(target_file) as f1:
+        for line in f1:
+            tput = float(line.split()[-1])
+            if (tput > 0):
+                net_tputs.append(tput)
+            break
+
+    # with open(FILE_NAME + '-RUN-' + str(i) + '/client-retx.rpt') as f1:
+    #     for line in f1:
+    #         line_str = line.split()
+    #         if (line_str[0] == 'Retx_percent:'):  # always come last so we can break
+    #             retx_pct = float(line_str[-1])
+    #             if (retx_pct >= 0):
+    #                 retx_rates.append(retx_pct)
+    #             break
+    #         elif (line_str[0] == "Recv:"):
+    #             sent = float(line_str[-1])
+    #             sent_packets.append(sent)
+
+    with open(FILE_NAME + '-RUN-' + str(i) + '/cpu_util.rpt') as f1:
+        for line in f1:
+            line_str = line.split()
+            if (line_str[0] != 'avg_cpu_util:'):
+                continue
+            else:
+                cpu_util = float(line_str[-1])
+                if (cpu_util >= 0):
+                    cpu_utils.append(cpu_util)
+                break
+
+
+def mean_or_zero(arr): return statistics.mean(arr) if arr else 0
+def stdev_or_zero(arr): return statistics.stdev(arr) if len(arr) > 1 else 0
+def max_or_zero(arr): return max(arr) if len(arr) > 1 else 0
+
+
+cpu_utils_mean = mean_or_zero(cpu_utils);               cpu_utils_stddev = stdev_or_zero(cpu_utils)
+net_tput_mean = mean_or_zero(net_tputs);                net_tput_stddev = stdev_or_zero(net_tputs)
+# retx_rate_mean = mean_or_zero(retx_rates);              retx_rate_stddev = stdev_or_zero(retx_rates)
+# sent_packets_mean = mean_or_zero(sent_packets);         sent_packets_stddev = stdev_or_zero(sent_packets)
+# mem_bw_mean = mean_or_zero(mem_bws);                    mem_bw_stddev = stdev_or_zero(mem_bws)
+# pcie_wr_tput_mean = mean_or_zero(pcie_wr_tput);         pcie_wr_tput_stddev = stdev_or_zero(pcie_wr_tput)
+
+# iotlb_first_lookup_mean = mean_or_zero(iotlb_first_lookup);  iotlb_first_lookup_stddev = stdev_or_zero(iotlb_first_lookup)
+# iotlb_all_lookup_mean  = mean_or_zero(iotlb_all_lookup);     iotlb_all_lookup_stddev  = stdev_or_zero(iotlb_all_lookup)
+# iotlb_miss_mean        = mean_or_zero(iotlb_miss);           iotlb_miss_stddev        = stdev_or_zero(iotlb_miss)
+# iommu_mem_access_mean  = mean_or_zero(iommu_mem_access);     iommu_mem_access_stddev  = stdev_or_zero(iommu_mem_access)
+# iotlb_inv_mean         = mean_or_zero(iotlb_inv);            iotlb_inv_stddev         = stdev_or_zero(iotlb_inv)
+# pwt_occupancy_mean     = mean_or_zero(pwt_occupancy);        pwt_occupancy_stddev     = stdev_or_zero(pwt_occupancy)
+# mem_stats_mean = mean_or_zero(mem_used)
+# mem_stats_max = max_or_zero(mem_used)
+
+# mlc_tput_mean = 0
+# mlc_tput_stddev = 0
+
+# if (COLLECT_MLC_TPUT > 0):
+#     mlc_tput_mean = statistics.mean(mlc_tputs)
+#     if NUM_RUNS > 1:
+#         mlc_tput_stddev = statistics.stdev(mlc_tputs)
+#     else:
+#         mlc_tput_stddev = 0
+
+output_list = [
+    ("cpu_utils_mean", cpu_utils_mean), ("cpu_utils_stddev", cpu_utils_stddev),
+    ("net_tput_mean", net_tput_mean), ("net_tput_stddev", net_tput_stddev),
+    # ("retx_rate_mean", retx_rate_mean), ("retx_rate_stddev", retx_rate_stddev),
+    # ("mem_bw_mean", mem_bw_mean), ("mem_bw_stddev", mem_bw_stddev),
+    # ("pcie_wr_tput_mean", pcie_wr_tput_mean), ("pcie_wr_tput_stddev", pcie_wr_tput_stddev),
+
+    # ("iotlb_first_lookup_mean", iotlb_first_lookup_mean), ("iotlb_first_lookup_stddev", iotlb_first_lookup_stddev),
+    # ("iotlb_all_lookup_mean",  iotlb_all_lookup_mean),   ("iotlb_all_lookup_stddev",  iotlb_all_lookup_stddev),
+    # ("iotlb_miss_mean", iotlb_miss_mean), ("iotlb_miss_stddev", iotlb_miss_stddev),
+    # ("iommu_mem_access_mean", iommu_mem_access_mean), ("iommu_mem_access_stddev", iommu_mem_access_stddev),
+    # ("iotlb_inv_mean", iotlb_inv_mean), ("iotlb_inv_stddev", iotlb_inv_stddev),
+    # ("pwt_occupancy_mean", pwt_occupancy_mean), ("pwt_occupancy_stddev", pwt_occupancy_stddev),
+
+    # ("mlc_tput_mean", 0 if not mlc_tputs else mean_or_zero(mlc_tputs)),
+    # ("mlc_tput_stddev", 0 if len(mlc_tputs) < 2 else stdev_or_zero(mlc_tputs)),
+    # ("sent_packets_mean", sent_packets_mean), ("sent_packets_stddev", sent_packets_stddev),
+    # ("mem_mean", mem_stats_mean), ("mem_max", mem_stats_max)
+]
+
+headers, outputs = zip(*output_list)
+headers = ",".join(headers) 
+outputs = list(outputs)
+
+# Save array to DAT file
+np.savetxt(FILE_NAME + '/tput_metrics.dat',
+           [outputs], delimiter=",", header=headers, comments='', fmt='%.10f')
diff --git a/scripts/many-vm-run-dctcp-tput-experiment.sh b/scripts/many-vm-run-dctcp-tput-experiment.sh
new file mode 100755
index 000000000..cc125b0a3
--- /dev/null
+++ b/scripts/many-vm-run-dctcp-tput-experiment.sh
@@ -0,0 +1,573 @@
+#!/bin/bash
+
+# Treat unset variables as an error when substituting.
+set -u
+
+#-------------------------------------------------------------------------------
+# CONFIGURATION AND PATHS
+#-------------------------------------------------------------------------------
+SCRIPT_NAME="many-vm-run-dctcp-tput-experiment"
+INIT_PORT=3000
+MLC_DURATION_S=100
+GUEST_MLC_DIR_REL="mlc/Linux"
+
+FTRACE_BUFFER_SIZE_KB=20000
+FTRACE_OVERWRITE_ON_FULL=0 # 0=no overwrite (tracing stops when full), 1=overwrite
+PERF_TRACING_ENABLED=0
+
+# --- Base Directory Paths (Relative to respective home directories) ---
+SCRIPT_DIR=$(dirname "$0")
+GUEST_FandS_REL=$(basename $(realpath "$SCRIPT_DIR/../"))
+GUEST_PERF_REL="linux-6.12.9/tools/perf/perf"
+CLIENT_FandS_REL="Fast-and-Safe-IO-Memory-Protection"
+
+# --- F and S Directory Paths (Relative to respective F and S directories) ---
+GUEST_SETUP_DIR_REL="utils"
+GUEST_EXP_DIR_REL="utils/tcp"
+CLIENT_SETUP_DIR_REL="utils"
+CLIENT_EXP_DIR_REL="utils/tcp"
+
+EBPF_GUEST_LOADER_REL="$GUEST_FandS_REL/tracing/guest_loader"
+
+# --- Remote Access (SSH) Configuration ---
+HOST_SSH_UNAME="lbalara"
+HOST_SSH_PASSWORD=""
+HOST_SSH_IDENTITY_FILE="/home/schai/.ssh/id_rsa"
+HOST_USE_PASS_AUTH=0
+
+#-------------------------------------------------------------------------------
+# DEFAULT CONFIGURATION AND PATHS EDITABLE BY COMMAND LINE
+#-------------------------------------------------------------------------------
+# --- Experiment Setup ---
+EXP_NAME="tput-test"
+VM_ID="0"  # Unique per-VM identifier for session names, ports, file prefixes
+NUM_RUNS=1 # Always 1 for multi-VM; coordination handled by host
+CORE_DURATION_S=20 # Duration for the main workload
+MLC_CORES="none"
+EBPF_TRACING_ENABLED=0
+COLLECT_MEM_STATS=0
+
+# --- Guest (Server) Machine Configuration ---
+GUEST_HOME="/home/schai"
+GUEST_IP="10.10.1.50"
+GUEST_INTF="enp8s0np1"
+GUEST_NIC_BUS="0x08"
+GUEST_NUM_SERVERS=5
+GUEST_CPU_MASK="0,1,2,3,4"
+
+# --- Client Machine Configuration ---
+CLIENT_HOME="/users/Leshna/"
+CLIENT_IP="10.10.1.2"
+CLIENT_INTF="eno12409np1"
+CLIENT_NUM_CLIENTS=5
+CLIENT_CPU_MASK="0,4,8,12,16"
+CLIENT_BANDWIDTH="100g"
+
+# --- Host Machine Configuration ---
+HOST_HOME="/users/Leshna"
+HOST_IP="192.168.122.1"
+
+# --- Network & System Parameters ---
+MTU=4000
+DDIO_ENABLED=1
+RING_BUFFER_SIZE=256
+TCP_SOCKET_BUF_MB=1
+
+# --- Remote Access (SSH) Configuration ---
+CLIENT_SSH_UNAME="saksham"
+CLIENT_SSH_HOST="genie12.cs.cornell.edu"
+CLIENT_SSH_PASSWORD="saksham"
+CLIENT_USE_PASS_AUTH=1
+CLIENT_SSH_IDENTITY_FILE="/home/schai/.ssh/id_ed25519"
+
+#-------------------------------------------------------------------------------
+# Help/usage
+#-------------------------------------------------------------------------------
+help() {
+	echo "Usage: $SCRIPT_NAME"
+	echo "Server/Guest Configuration:"
+	echo "    [ --guest-home <path> (Guest home directory) ]"
+	echo "    [ --guest-ip <ip> (IP address of the server/guest) ]"
+	echo "    [ --guest-intf <name> (Network interface for the server/guest) ]"
+  echo "    [ --guest-bus <bus> (NIC’s PCI bus number) ]"
+	echo "    [ -n | --guest-num <count> (Number of server instances; default: 5) ]"
+	echo "    [ -c | --guest-cpu-mask <csv> (Guest CPU mask, comma-separated; default: 0,1,2,3,4) ]"
+	echo
+	echo "Client Configuration:"
+	echo "    [ --client-home <path> (Client home directory) ]"
+	echo "    [ --client-ip <ip> (IP address of the client) ]"
+	echo "    [ --client-intf <name> (Interface name for the client) ]"
+	echo "    [ -N | --client-num <count> (Number of client instances; default: 5) ]"
+	echo "    [ -C | --client-cpu-mask <csv> (Client CPU mask, comma-separated; default: 0,4,8,12,16) ]"
+	echo
+	echo "Host Configuration:"
+	echo "    [ --host-home <path> (Host home directory) ]"
+	echo "    [ --host-ip <ip> (IP address of the host) ]"
+	echo
+	echo "Experiment Parameters:"
+	echo "    [ --vm-id <id> (Unique VM identifier for session names/ports; default: 0) ]"
+	echo "    [ -e | --exp-name <name> (Experiment name for output directories; default: tput-test) ]"
+	echo "    [ -m | --mtu <size> (MTU size; default: 4000) ]"
+	echo "    [ -d | --ddio <0|1> (DDIO enabled; default: 1) ]"
+	echo "    [ -b | --bandwidth <rate> (Client bandwidth; default: 100g) ]"
+	echo "    [ -r | --ring-buffer <size> (NIC Rx ring buffer size; default: 256) ]"
+	echo "    [ --mlc-cores <csv|'none'> (MLC cores; default: none) ]"
+	echo "    [ --socket-buf <MB> (TCP socket buffer size in MB; default: 1) ]"
+	echo "    [ --dur <seconds> (Core experiment duration in seconds; default: 20) ]"
+	echo "    [ --runs <count> (Number of experiment repetitions; forced to 1 for multi-VM) ]"
+	echo "    [ --ebpf-tracing <0|1> (Enable eBPF tracing; default: 0) ]"
+	echo "    [ --mem-stats <0|1> (Enable collect-mem-stats.sh; default: 0) ]"
+	echo
+	echo "Client SSH Configuration:"
+	echo "    [ --client-ssh-name <uname> ]"
+	echo "    [ --client-ssh-host <ip> ]"
+	echo "    [ --client-ssh-use-pass <0|1> ]"
+	echo "    [ --client-ssh-pass <pass> ]"
+	echo "    [ --client-ssh-ifile <path> ]"
+	echo
+	echo "    [ -h | --help ]"
+	exit 2
+}
+
+
+#-------------------------------------------------------------------------------
+# COMMAND-LINE ARGUMENT PARSING
+#-------------------------------------------------------------------------------
+SHORT_OPTS="n:c:N:C:e:m:d:b:r:h"
+LONG_OPTS="guest-home:,guest-ip:,guest-intf:,guest-bus:,guest-num:,guest-cpu-mask:,\
+client-home:,client-ip:,client-intf:,client-num:,client-cpu-mask:,\
+host-home:,host-ip:,\
+vm-id:,exp-name:,mtu:,ddio:,bandwidth:,ring-buffer:,mlc-cores:,socket-buf:,dur:,runs:,ebpf-tracing:,mem-stats:,\
+client-ssh-name:,client-ssh-host:,client-ssh-use-pass:,client-ssh-pass:,client-ssh-ifile:,help"
+
+PARSED_OPTS=$(getopt -a -n "$SCRIPT_NAME" --options "$SHORT_OPTS" --longoptions "$LONG_OPTS" -- "$@")
+VALID_ARGUMENTS=$#
+if [ "$VALID_ARGUMENTS" -eq 0 ]; then
+	help
+fi
+eval set -- "$PARSED_OPTS"
+
+while :; do
+	case "$1" in
+	--guest-home) GUEST_HOME="$2"; shift 2 ;;
+	--guest-ip) GUEST_IP="$2"; shift 2 ;;
+	--guest-intf) GUEST_INTF="$2"; shift 2 ;;
+	--guest-bus) GUEST_NIC_BUS="$2"; shift 2 ;;
+	-n | --guest-num) GUEST_NUM_SERVERS="$2"; shift 2 ;;
+	-c | --guest-cpu-mask) GUEST_CPU_MASK="$2"; shift 2 ;;
+	--client-home) CLIENT_HOME="$2"; shift 2 ;;
+	--client-ip) CLIENT_IP="$2"; shift 2 ;;
+	--client-intf) CLIENT_INTF="$2"; shift 2 ;;
+	-N | --client-num) CLIENT_NUM_CLIENTS="$2"; shift 2 ;;
+	-C | --client-cpu-mask) CLIENT_CPU_MASK="$2"; shift 2 ;;
+	--host-home) HOST_HOME="$2"; shift 2 ;;
+	--host-ip) HOST_IP="$2"; shift 2 ;;
+	--vm-id) VM_ID="$2"; shift 2 ;;
+	-e | --exp-name) EXP_NAME="$2"; shift 2 ;;
+	-m | --mtu) MTU="$2"; shift 2 ;;
+	-d | --ddio) DDIO_ENABLED="$2"; shift 2 ;;
+	-b | --bandwidth) CLIENT_BANDWIDTH="$2"; shift 2 ;;
+	-r | --ring-buffer) RING_BUFFER_SIZE="$2"; shift 2 ;;
+	--mlc-cores) MLC_CORES="$2"; shift 2 ;;
+	--socket-buf) TCP_SOCKET_BUF_MB="$2"; shift 2 ;;
+	--dur) CORE_DURATION_S="$2"; shift 2 ;;
+	--runs) NUM_RUNS="$2"; shift 2 ;;
+	--ebpf-tracing) EBPF_TRACING_ENABLED="$2"; shift 2 ;;
+	--mem-stats) COLLECT_MEM_STATS="$2"; shift 2 ;;
+	--client-ssh-name) CLIENT_SSH_UNAME="$2"; shift 2 ;;
+	--client-ssh-host) CLIENT_SSH_HOST="$2"; shift 2 ;;
+	--client-ssh-use-pass) CLIENT_USE_PASS_AUTH="$2"; shift 2 ;;
+	--client-ssh-pass) CLIENT_SSH_PASSWORD="$2"; shift 2 ;;
+	--client-ssh-ifile) CLIENT_SSH_IDENTITY_FILE="$2"; shift 2 ;;
+	-h | --help) help ;;
+	--) shift; break ;;
+	*) echo "Unexpected option: $1"; help ;;
+	esac
+done
+
+# Force single run for multi-VM coordination
+NUM_RUNS=1
+
+# --- VM-specific naming for screen sessions and ports ---
+# Each VM gets unique screen session names so cleanup doesn't kill other VMs.
+# Port offset avoids any potential conflicts on the client side.
+SCREEN_CLIENT_SESSION="client_session_vm${VM_ID}"
+SCREEN_CLIENT_LOGGING="logging_session_client_vm${VM_ID}"
+INIT_PORT=$((3000 + VM_ID * 100))
+
+GUEST_SETUP_DIR="${GUEST_HOME}/${GUEST_FandS_REL}/${GUEST_SETUP_DIR_REL}"
+GUEST_EXP_DIR="${GUEST_HOME}/${GUEST_FandS_REL}/${GUEST_EXP_DIR_REL}"
+GUEST_MLC_DIR="${GUEST_HOME}/${GUEST_MLC_DIR_REL}"
+GUEST_PERF="${GUEST_HOME}/${GUEST_PERF_REL}"
+CLIENT_SETUP_DIR="${CLIENT_HOME}/${CLIENT_FandS_REL}/${CLIENT_SETUP_DIR_REL}"
+CLIENT_EXP_DIR="${CLIENT_HOME}/${CLIENT_FandS_REL}/${CLIENT_EXP_DIR_REL}"
+EBPF_GUEST_LOADER="${GUEST_HOME}/${EBPF_GUEST_LOADER_REL}"
+PROFILING_LOGGING_DUR_S=$((CORE_DURATION_S))
+
+if [ "$CLIENT_USE_PASS_AUTH" -eq 1 ]; then
+	SSH_CLIENT_CMD="sshpass -p $CLIENT_SSH_PASSWORD ssh ${CLIENT_SSH_UNAME}@${CLIENT_SSH_HOST}"
+else
+	SSH_CLIENT_CMD="ssh -i $CLIENT_SSH_IDENTITY_FILE ${CLIENT_SSH_UNAME}@${CLIENT_SSH_HOST}"
+fi
+
+if [ "$HOST_USE_PASS_AUTH" -eq 1 ]; then
+	SSH_HOST_CMD="sshpass -p $HOST_SSH_PASSWORD ssh ${HOST_SSH_UNAME}@${HOST_IP}"
+else
+	SSH_HOST_CMD="ssh -i $HOST_SSH_IDENTITY_FILE ${HOST_SSH_UNAME}@${HOST_IP}"
+fi
+
+#-------------------------------------------------------------------------------
+# HELPER FUNCTIONS
+#-------------------------------------------------------------------------------
+
+# mem_pid=""
+# cleanup_mem_stats() {
+# 	if [ "$COLLECT_MEM_STATS" -eq 1 ] && [ -n "$mem_pid" ]; then
+# 		log_info "Killing memory collection (PID $mem_pid)..."
+# 		sudo kill "$mem_pid" 2>/dev/null || true
+# 		sudo pkill -P "$mem_pid" 2>/dev/null || true
+# 		sudo pkill -f "collect-mem-stats.sh" 2>/dev/null || true
+# 		wait "$mem_pid" 2>/dev/null || true
+# 		mem_pid=""
+# 	fi
+# }
+# trap cleanup_mem_stats EXIT
+
+log_info() {
+	echo "[INFO-$(date +%Y-%m-%d-%H:%M:%S)] [vm${VM_ID}] [$EXP_NAME] $1"
+}
+
+log_error() {
+	echo "[ERROR-$(date +%Y-%m-%d-%H:%M:%S)] [vm${VM_ID}] [$EXP_NAME] $1" >&2
+}
+
+progress_bar() {
+	local duration_secs=$1
+	local interval_secs=$2
+	local elapsed_time_secs=0
+
+	if [ "$duration_secs" -eq 0 ]; then
+		printf "[==================================================] 100%% (0/0s)\n"
+		return
+	fi
+
+	local progress_bar_width=50
+	while [ "$elapsed_time_secs" -lt "$duration_secs" ]; do
+		elapsed_time_secs=$((elapsed_time_secs + interval_secs))
+		if [ "$elapsed_time_secs" -gt "$duration_secs" ]; then
+			elapsed_time_secs=$duration_secs
+		fi
+
+		local progress_percent=$((elapsed_time_secs * 100 / duration_secs))
+		local bar_filled_length=$((progress_percent * progress_bar_width / 100))
+
+		local bar_visual=""
+		for ((k = 0; k < bar_filled_length; k++)); do bar_visual+="="; done
+
+		printf "[%-*s] %3d%% (%*ds/%ds)\r" "$progress_bar_width" "$bar_visual" "$progress_percent" \
+			"${#duration_secs}" "$elapsed_time_secs" "$duration_secs"
+		sleep "$interval_secs"
+	done
+
+	local full_bar_visual=""
+	for ((k = 0; k < progress_bar_width; k++)); do full_bar_visual+="="; done
+	printf "[%-*s] 100%% (%ds/%ds)\n" "$progress_bar_width" "$full_bar_visual" "$duration_secs" "$duration_secs"
+}
+
+# --- Guest-only pre-experiment setup (no host/client setup) ---
+pre_exp_setup() {
+	log_info "--- Starting Pre-experiment Setup (guest-only) ---"
+
+	log_info "Disabling TX/RX pause on GUEST interface $GUEST_INTF"
+	sudo ethtool --pause "$GUEST_INTF" tx off rx off
+
+	log_info "--- Pre-experiment Setup Finished ---"
+}
+
+# --- Guest-only post-experiment cleanup (no host reset) ---
+post_exp_cleanup() {
+	log_info "--- Starting Post-experiment Cleanup (guest-only) ---"
+
+	log_info "Resetting GUEST ftrace..."
+	sudo sh -c 'echo 0 > /sys/kernel/debug/tracing/tracing_on'
+	sudo sh -c 'echo 0 > /sys/kernel/debug/tracing/options/overwrite'
+	sudo sh -c 'echo 20000 > /sys/kernel/debug/tracing/buffer_size_kb'
+
+	log_info "--- Post-experiment Cleanup Finished ---"
+}
+
+# --- Cleanup: guest processes and THIS VM's client sessions only ---
+cleanup() {
+	log_info "--- Starting Cleanup Phase ---"
+
+	log_info "Killing local 'loaded_latency', 'iperf' processes..."
+	sudo pkill -9 -f loaded_latency 2>/dev/null || true
+	sudo pkill -9 -f iperf 2>/dev/null || true
+
+	if [ "$PERF_TRACING_ENABLED" -eq 1 ]; then
+		sudo pkill -SIGINT -f "$GUEST_PERF record" 2>/dev/null || true
+		sleep 1
+		sudo pkill -9 -f "$GUEST_PERF record" 2>/dev/null || true
+	fi
+
+	if [ "$EBPF_TRACING_ENABLED" -eq 1 ]; then
+		log_info "Stopping guest eBPF tracers..."
+		guest_loader_basename=$(basename "$EBPF_GUEST_LOADER")
+		cd "$(dirname "$EBPF_GUEST_LOADER")" || { log_error "Failed to cd to $(dirname "$EBPF_GUEST_LOADER")"; }
+		make clean 2>/dev/null || true
+		make 2>/dev/null || true
+		cd - > /dev/null
+		sudo pkill -SIGINT -f "$guest_loader_basename" 2>/dev/null || true
+		sudo pkill -9 -f "$guest_loader_basename" 2>/dev/null || true
+	fi
+
+	# Only kill THIS VM's screen sessions on the client (not other VMs')
+	log_info "Terminating client screen sessions: $SCREEN_CLIENT_SESSION, $SCREEN_CLIENT_LOGGING"
+	$SSH_CLIENT_CMD \
+		"screen -S $SCREEN_CLIENT_SESSION -X quit" 2>/dev/null || true
+	$SSH_CLIENT_CMD \
+		"screen -S $SCREEN_CLIENT_LOGGING -X quit" 2>/dev/null || true
+
+	# Only kill iperf instances talking to THIS VM's guest IP (not other VMs')
+	$SSH_CLIENT_CMD \
+		"sudo pkill -9 -f 'iperf.*${GUEST_IP}'" 2>/dev/null || true
+	$SSH_CLIENT_CMD \
+		'screen -wipe' 2>/dev/null || true
+
+	log_info "Resetting GUEST network interface $GUEST_INTF..."
+	sudo ip link set "$GUEST_INTF" down
+	sleep 1
+	sudo ip link set "$GUEST_INTF" up
+	sleep 1
+	log_info "--- Cleanup Phase Finished ---"
+}
+
+save_config_to_report_json() {
+	local report_dir="${1:-$current_guest_reports_dir}"
+	local config_file="$report_dir/config.json"
+
+	local guest_cmdline=$(cat /proc/cmdline)
+	local guest_kernel=$(uname -r)
+	local client_cmdline=$($SSH_CLIENT_CMD 'cat /proc/cmdline')
+	local client_kernel=$($SSH_CLIENT_CMD 'uname -r')
+
+	cat > "$config_file" <<-EOF
+	{
+	  "timestamp": "$(date -Iseconds)",
+	  "vm_id": "$VM_ID",
+	  "test_params": {
+	    "core_duration_s": "$CORE_DURATION_S",
+	    "mtu": "$MTU",
+	    "ddio_enabled": "$DDIO_ENABLED",
+	    "ring_buffer_size": "$RING_BUFFER_SIZE",
+	    "tcp_socket_buf_mb": "$TCP_SOCKET_BUF_MB",
+	    "mlc_cores": "$MLC_CORES",
+	    "init_port": "$INIT_PORT"
+	  },
+	  "guest": {
+	    "ip": "$GUEST_IP",
+	    "interface": "$GUEST_INTF",
+	    "num_servers": "$GUEST_NUM_SERVERS",
+	    "cpu_mask": "$GUEST_CPU_MASK",
+	    "nic_bus": "$GUEST_NIC_BUS",
+	    "kernel": "$guest_kernel",
+	    "cmdline": "$guest_cmdline"
+	  },
+	  "client": {
+	    "ip": "$CLIENT_IP",
+	    "interface": "$CLIENT_INTF",
+	    "num_clients": "$CLIENT_NUM_CLIENTS",
+	    "cpu_mask": "$CLIENT_CPU_MASK",
+	    "bandwidth": "$CLIENT_BANDWIDTH",
+	    "kernel": "$client_kernel",
+	    "cmdline": "$client_cmdline"
+	  }
+	}
+	EOF
+}
+
+#-------------------------------------------------------------------------------
+# MAIN
+#-------------------------------------------------------------------------------
+
+pre_exp_setup
+
+log_info "Starting experiment: $EXP_NAME"
+log_info "VM_ID=$VM_ID, INIT_PORT=$INIT_PORT, single run (multi-VM mode)"
+
+j=0  # Single run, index 0
+
+log_info "############################################################"
+log_info "### Starting Experiment: $EXP_NAME (vm${VM_ID})"
+log_info "############################################################"
+
+# --- Per-Run Directory and File Definitions ---
+# Client report dir uses EXP_NAME which already has VM suffix from the caller.
+# Files within the client dir also get vm prefix for safety in case the
+# caller passes a shared EXP_NAME.
+current_guest_reports_dir="${GUEST_SETUP_DIR}/reports/${EXP_NAME}-RUN-${j}"
+client_reports_dir_remote="${CLIENT_SETUP_DIR}/reports/${EXP_NAME}-RUN-${j}"
+
+perf_guest_data_file="${current_guest_reports_dir}/perf_guest_cpu.data"
+iova_ftrace_guest_output_file="${current_guest_reports_dir}/iova_ftrace_guest.txt"
+ebpf_guest_stats="${current_guest_reports_dir}/ebpf_guest_stats.csv"
+guest_server_app_log_file="${current_guest_reports_dir}/server_app.log"
+guest_mlc_log_file="${current_guest_reports_dir}/mlc.log"
+
+sudo mkdir -p "$current_guest_reports_dir"
+
+# --- Pre-run cleanup ---
+cleanup
+
+# --- Save config ---
+save_config_to_report_json "$current_guest_reports_dir"
+
+if [ "$COLLECT_MEM_STATS" -eq 1 ]; then
+	log_info "Killing memory-intensive programs..."
+	sudo killall -9 code node 2>/dev/null || true
+	sudo killall -9 cursor cursor-server 2>/dev/null || true
+	log_info "Flushing VM caches..."
+	sudo sync
+	echo 3 | sudo tee /proc/sys/vm/drop_caches
+	log_info "Starting memory collection script..."
+	bash collect-mem-stats.sh "$current_guest_reports_dir/memory_stats.csv" 0.5 &
+	mem_pid=$!
+	log_info "Memory collection started with PID $mem_pid"
+fi
+
+# --- Start MLC if configured ---
+if [ "$MLC_CORES" != "none" ]; then
+	log_info "Starting MLC on cores: $MLC_CORES; logs at $guest_mlc_log_file..."
+	"$GUEST_MLC_DIR/mlc" --loaded_latency -T -d0 -e -k"$MLC_CORES" -j0 -b1g -t10000 -W2 &>"$guest_mlc_log_file" &
+	log_info "Waiting for MLC to ramp up (30 seconds)..."
+	progress_bar 30 5
+else
+	log_info "MLC not configured for this run."
+fi
+
+# --- Setup Guest (Server) Environment ---
+log_info "Setting up GUEST server environment..."
+cd "$GUEST_SETUP_DIR" || { log_error "Failed to cd to $GUEST_SETUP_DIR"; exit 1; }
+sudo bash setup-envir.sh --dep "$GUEST_HOME" --intf "$GUEST_INTF" --ip "$GUEST_IP" -m "$MTU" -d "$DDIO_ENABLED" -r "$RING_BUFFER_SIZE" \
+	--socket-buf "$TCP_SOCKET_BUF_MB" --hwpref 1 --rdma 0 --pfc 0 --ecn 1 --opt 1 --nic-bus "$GUEST_NIC_BUS"
+cd - > /dev/null
+
+# --- Start Guest (Server) Application ---
+log_info "Starting GUEST server application; logs at $guest_server_app_log_file"
+cd "$GUEST_EXP_DIR" || { log_error "Failed to cd to $GUEST_EXP_DIR"; exit 1; }
+sudo bash run-netapp-tput.sh --mode server -n "$GUEST_NUM_SERVERS" -N "$CLIENT_NUM_CLIENTS" -o "${EXP_NAME}-RUN-${j}" \
+	-p "$INIT_PORT" -c "$GUEST_CPU_MASK" &>"$guest_server_app_log_file" &
+sleep 2 # Allow server app to initialize
+cd - > /dev/null
+
+# --- Start Clients (traffic generation only, no client setup-envir.sh) ---
+# Uses VM-specific screen session name and port offset.
+log_info "Starting CLIENT traffic on $CLIENT_SSH_HOST (screen: $SCREEN_CLIENT_SESSION, port: $INIT_PORT)..."
+client_cmd="cd '$CLIENT_EXP_DIR'; sudo bash many-run-netapp-tput.sh --mode client --server-ip '$GUEST_IP' -n '$GUEST_NUM_SERVERS' -N '$CLIENT_NUM_CLIENTS' -o '${EXP_NAME}-RUN-${j}' -p '$INIT_PORT' -c '$CLIENT_CPU_MASK' -b '$CLIENT_BANDWIDTH'; exec bash"
+$SSH_CLIENT_CMD "screen -dmS $SCREEN_CLIENT_SESSION sudo bash -c \"$client_cmd\""
+
+# --- Warmup Phase ---
+log_info "Warming up experiment (120 seconds)..."
+progress_bar 120 2
+
+# --- Start Guest eBPF Tracers (if enabled) ---
+if [ "$EBPF_TRACING_ENABLED" -eq 1 ]; then
+	log_info "Starting GUEST eBPF tracer..."
+	echo "current_time: $(date) $(date +%s)"
+	sudo taskset -c 13 "$EBPF_GUEST_LOADER" -d "$CORE_DURATION_S" -o "$ebpf_guest_stats" &
+	sleep 2
+fi
+
+# --- Guest Ftrace Setup ---
+log_info "Configuring GUEST ftrace (Buffer: ${FTRACE_BUFFER_SIZE_KB}KB, Overwrite: ${FTRACE_OVERWRITE_ON_FULL})..."
+sudo sh -c "echo $FTRACE_BUFFER_SIZE_KB > /sys/kernel/debug/tracing/buffer_size_kb"
+sudo sh -c "echo $FTRACE_OVERWRITE_ON_FULL > /sys/kernel/debug/tracing/options/overwrite"
+sudo sh -c 'echo > /sys/kernel/debug/tracing/trace'
+sudo sh -c 'echo 1 > /sys/kernel/debug/tracing/tracing_on'
+log_info "GUEST ftrace is ON."
+
+# --- Start Guest Perf (if enabled) ---
+if [ "$PERF_TRACING_ENABLED" -eq 1 ]; then
+	log_info "Starting GUEST perf record (CPU profiling)..."
+	sudo "$GUEST_PERF" record -F 99 -a -g --call-graph dwarf -o "$perf_guest_data_file" -- sleep "$PROFILING_LOGGING_DUR_S" &
+fi
+
+# --- Start Client-side Logging (VM-specific screen session + output dir) ---
+log_info "Starting CLIENT-side logging (screen: $SCREEN_CLIENT_LOGGING)..."
+client_logging_cmd="cd '$CLIENT_SETUP_DIR'; sudo bash record-host-metrics.sh \
+    --dep '$CLIENT_HOME' -o '${EXP_NAME}-RUN-${j}' --dur '$CORE_DURATION_S' \
+    --cpu-util 1 -c '$CLIENT_CPU_MASK' --retx 1 --tcplog 0 --bw 1 --flame 0 \
+    --pcie 0 --membw 0 --iio 0 --pfc 0 --intf '$CLIENT_INTF' --type 0; exec bash"
+$SSH_CLIENT_CMD "screen -dmS $SCREEN_CLIENT_LOGGING sudo bash -c \"$client_logging_cmd\""
+
+# --- Start Guest-side (Server) Logging ---
+log_info "Starting GUEST-side (server) logging..."
+cd "$GUEST_SETUP_DIR" || { log_error "Failed to cd to $GUEST_SETUP_DIR"; exit 1; }
+sudo bash record-host-metrics.sh --dep "$GUEST_HOME" -o "${EXP_NAME}-RUN-${j}" \
+	--dur "$CORE_DURATION_S" --cpu-util 1 -c "$GUEST_CPU_MASK" --retx 1 --tcplog 0 --bw 1 --flame 0 \
+	--pcie 0 --membw 0 --iio 0 --pfc 0 --intf "$GUEST_INTF" --type 0
+cd - > /dev/null
+
+log_info "Logging done."
+log_info "Primary data collection phase on GUEST complete."
+
+# --- Save Guest Ftrace Data ---
+log_info "Stopping and saving GUEST ftrace data..."
+sudo sh -c 'echo 0 > /sys/kernel/debug/tracing/tracing_on'
+sudo cat /sys/kernel/debug/tracing/trace > "$iova_ftrace_guest_output_file"
+sudo sh -c 'echo > /sys/kernel/debug/tracing/trace'
+log_info "GUEST ftrace data saved to $iova_ftrace_guest_output_file"
+
+head -n 2000 "$iova_ftrace_guest_output_file" > "${iova_ftrace_guest_output_file}.head2000"
+tail -n 2000 "$iova_ftrace_guest_output_file" > "${iova_ftrace_guest_output_file}.tail2000"
+
+# --- Stop Guest eBPF Tracers ---
+if [ "$EBPF_TRACING_ENABLED" -eq 1 ]; then
+	log_info "Stopping guest eBPF tracers..."
+	echo "current_time: $(date) $(date +%s)"
+	guest_loader_basename=$(basename "$EBPF_GUEST_LOADER")
+	sudo pkill -SIGINT -f "$guest_loader_basename" 2>/dev/null && \
+		log_info "SIGINT sent to GUEST eBPF loader." || \
+		log_info "WARN: GUEST eBPF loader process not found or SIGINT failed."
+fi
+
+# --- Transfer Report Files from Client ---
+# Files on the client are in a dir named after EXP_NAME (already VM-specific).
+log_info "Transferring report files from CLIENT..."
+if [ "$CLIENT_USE_PASS_AUTH" -eq 1 ]; then
+	sshpass -p "$CLIENT_SSH_PASSWORD" \
+		scp "${CLIENT_SSH_UNAME}@${CLIENT_SSH_HOST}:${client_reports_dir_remote}/retx.rpt" \
+		"${current_guest_reports_dir}/client-retx.rpt" || log_error "Failed to SCP client retx.rpt"
+else
+	scp -i "$CLIENT_SSH_IDENTITY_FILE" \
+		"${CLIENT_SSH_UNAME}@${CLIENT_SSH_HOST}:${client_reports_dir_remote}/retx.rpt" \
+		"${current_guest_reports_dir}/client-retx.rpt" || log_error "Failed to SCP client retx.rpt"
+fi
+
+log_info "Waiting for remote operations to settle ($((CORE_DURATION_S * 2))s)..."
+progress_bar $((CORE_DURATION_S * 2)) 2
+
+log_info "############################################################"
+log_info "### Finished Experiment: $EXP_NAME (vm${VM_ID})"
+log_info "############################################################"
+
+# --- Post-run cleanup ---
+cleanup
+post_exp_cleanup
+
+cd "$SCRIPT_DIR" || exit 1
+
+sleep 5
+
+if [ "$MLC_CORES" != "none" ]; then
+	log_info "MLC cores were used."
+fi
+
+log_info "Collecting and processing statistics..."
+if [ "$MLC_CORES" = "none" ]; then
+	sudo python3 many-vm-collect-tput-stats.py "$EXP_NAME" "$NUM_RUNS" 0
+else
+	sudo python3 many-vm-collect-tput-stats.py "$EXP_NAME" "$NUM_RUNS" 0
+fi
+
+log_info "Experiment $EXP_NAME (vm${VM_ID}) finished."
\ No newline at end of file
diff --git a/scripts/sosp24-experiments/many_vm_flows_exp.sh b/scripts/sosp24-experiments/many_vm_flows_exp.sh
new file mode 100755
index 000000000..8cdf010b1
--- /dev/null
+++ b/scripts/sosp24-experiments/many_vm_flows_exp.sh
@@ -0,0 +1,171 @@
+#!/bin/bash
+set -euo pipefail
+
+# Ensure we are in the scripts directory
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+cd "$SCRIPT_DIR/.." || exit 1
+echo "Running multi-VM flow experiment..."
+
+# --- Parse arguments ---
+VM_NAME=""
+NUM_CORES=""
+NUM_FLOWS=""
+DRY_RUN=0
+EXP_NAME=""
+
+while [[ $# -gt 0 ]]; do
+	case "$1" in
+	--vm-name)    VM_NAME="$2";    shift 2 ;;
+	--num-cores)  NUM_CORES="$2";  shift 2 ;;
+	--num-flows)  NUM_FLOWS="$2";  shift 2 ;;
+	--exp-name)   EXP_NAME="$2";   shift 2 ;;
+	--dry)        DRY_RUN=1;       shift   ;;
+	*)            shift            ;;
+	esac
+done
+
+if [[ -z "$VM_NAME" || -z "$NUM_CORES" || -z "$NUM_FLOWS" || -z "$EXP_NAME" ]]; then
+	echo "Usage: $0 --vm-name <n> --num-cores <N> --num-flows <N> --exp-name <name> [--dry]" >&2
+	exit 1
+fi
+
+# --- Derive VM index from name (trailing vmN) ---
+if [[ "$VM_NAME" =~ vm([0-9]+)$ ]]; then
+	VM_INDEX="${BASH_REMATCH[1]}"
+else
+	echo "ERROR: cannot extract VM index from name '$VM_NAME'" >&2
+	exit 1
+fi
+
+echo "VM name:  $VM_NAME"
+echo "VM index: $VM_INDEX"
+echo "Cores:    $NUM_CORES"
+echo "Flows:    $NUM_FLOWS"
+echo "Experiment Name: $EXP_NAME"
+
+# --- Configuration ---
+GUEST_INTF="enp0s1"
+GUEST_IP="192.168.101.$((11 + VM_INDEX))"
+GUEST_NIC_BUS="0x0"
+GUEST_HOME="/home/schai"
+
+HOST_IP="192.17.101.97"
+HOST_UNAME="lbalara"
+HOST_HOME="/home/lbalara"
+HOST_RESULTS_DIR="/home/lbalara/viommu/ManyVM-FandS/utils/reports/"
+
+CLIENT_HOME="/home/siyuanc3"
+CLIENT_INTF="ens1006np0"
+CLIENT_IP="192.168.101.3"
+CLIENT_SSH_UNAME="siyuanc3"
+CLIENT_SSH_HOST="nexus03.csl.illinois.edu"
+CLIENT_SSH_PASSWORD="saksham"
+CLIENT_USE_PASS_AUTH=0
+CLIENT_SSH_IDENTITY_FILE="/home/schai/.ssh/id_rsa"
+
+HOST_SSH_UNAME="lbalara"
+HOST_SSH_PASSWORD=""
+HOST_SSH_IDENTITY_FILE="/home/schai/.ssh/id_rsa"
+HOST_USE_PASS_AUTH=0
+
+Z_LIST_DLF="1"
+
+echo "Guest IP: $GUEST_IP"
+
+# --- Helper functions ---
+
+if [ "$CLIENT_USE_PASS_AUTH" -eq 1 ]; then
+	SSH_CLIENT_CMD="sshpass -p $CLIENT_SSH_PASSWORD ssh ${CLIENT_SSH_UNAME}@${CLIENT_SSH_HOST}"
+else
+	SSH_CLIENT_CMD="ssh -i $CLIENT_SSH_IDENTITY_FILE ${CLIENT_SSH_UNAME}@${CLIENT_SSH_HOST}"
+fi
+
+if [ "$HOST_USE_PASS_AUTH" -eq 1 ]; then
+	SSH_HOST_CMD="sshpass -p $HOST_SSH_PASSWORD ssh ${HOST_SSH_UNAME}@${HOST_IP}"
+	SCP_HOST_CMD="sshpass -p $HOST_SSH_PASSWORD scp"
+else
+	SSH_HOST_CMD="ssh -i $HOST_SSH_IDENTITY_FILE ${HOST_SSH_UNAME}@${HOST_IP}"
+	SCP_HOST_CMD="scp -i $HOST_SSH_IDENTITY_FILE"
+fi
+
+
+# --- Build core masks ---
+# Each VM uses a different slice of client cores based on VM_INDEX.
+# VM0 uses cores 0..NUM_CORES-1, VM1 uses NUM_CORES..2*NUM_CORES-1, etc.
+# Server cores always start at 0 within each VM (guest-local).
+all_cores="0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31"
+
+client_core_offset=$((VM_INDEX * NUM_CORES))
+client_cores_mask=$(echo "$all_cores" | tr ',' '\n' | tail -n +$((client_core_offset + 1)) | head -n "$NUM_CORES" | tr '\n' ',' | sed 's/,$//')
+server_cores_mask=$(echo "$all_cores" | tr ',' '\n' | head -n "$NUM_CORES" | tr '\n' ',' | sed 's/,$//')
+
+echo "Client cores (offset by VM index $VM_INDEX): $client_cores_mask"
+echo "Server cores: $server_cores_mask"
+
+# --- Run experiment ---
+socket_buf=1
+ring_buffer=512
+
+# Always one run as we need to sync for multi-vm
+N_RUNS=1
+
+format_flows=$(printf "%02d" "$NUM_FLOWS")
+
+# Check for DLF mode
+if sudo test -f "/sys/kernel/debug/iommu/leader_max_flushes"; then
+	z_list="$Z_LIST_DLF"
+else
+	z_list=""
+fi
+
+run_list="${z_list:-default}"
+
+for z in $run_list; do
+	if [ "$z" != "default" ]; then
+		echo "$z" | sudo tee /sys/kernel/debug/iommu/leader_max_flushes
+		echo "Leader Max Flushes: $(sudo cat /sys/kernel/debug/iommu/leader_max_flushes)"
+	fi
+
+	echo "Running $EXP_NAME (N_RUNS=$N_RUNS)"
+
+	if [ "$DRY_RUN" -eq 1 ]; then
+		echo "[DRY RUN] Skipping actual experiment"
+		continue
+	fi
+
+	sudo mkdir -p ../utils/reports/"$EXP_NAME"
+
+	sudo bash many-vm-run-dctcp-tput-experiment.sh \
+		--vm-id "$VM_INDEX" \
+		--guest-home "$GUEST_HOME" --guest-ip "$GUEST_IP" --guest-intf "$GUEST_INTF" --guest-bus "$GUEST_NIC_BUS" \
+		-n "$NUM_FLOWS" -c "$server_cores_mask" \
+		--client-home "$CLIENT_HOME" --client-ip "$CLIENT_IP" --client-intf "$CLIENT_INTF" \
+		-N "$NUM_FLOWS" -C "$client_cores_mask" \
+		--host-home "$HOST_HOME" --host-ip "$HOST_IP" \
+		--client-ssh-name "$CLIENT_SSH_UNAME" --client-ssh-pass "$CLIENT_SSH_PASSWORD" \
+		--client-ssh-host "$CLIENT_SSH_HOST" --client-ssh-use-pass "$CLIENT_USE_PASS_AUTH" \
+		--client-ssh-ifile "$CLIENT_SSH_IDENTITY_FILE" \
+		-e "$EXP_NAME" -m 4000 -r "$ring_buffer" -b "400g" -d 1 \
+		--socket-buf "$socket_buf" --mlc-cores 'none' --runs "$N_RUNS" \
+		2>&1 | sudo tee ../utils/reports/"$EXP_NAME"/experiment.log
+
+	# python3 report-tput-metrics.py "$EXP_NAME" tput,cpu \
+	# 	| sudo tee ../utils/reports/"$EXP_NAME"/summary.txt
+
+	sudo chmod -R a+rw ../utils/reports/"$EXP_NAME"
+
+	# --- SCP results back to host ---
+	echo "Copying results to host..."
+	local_report_dir="../utils/reports/$EXP_NAME"
+
+	$SSH_HOST_CMD "mkdir -p ${HOST_RESULTS_DIR}/${EXP_NAME}"
+
+	$SCP_HOST_CMD -r \
+		"$local_report_dir"/* \
+		"${HOST_SSH_UNAME}@${HOST_IP}:${HOST_RESULTS_DIR}/${EXP_NAME}/"
+
+	echo "Results copied to ${HOST_SSH_UNAME}@${HOST_IP}:${HOST_RESULTS_DIR}/${EXP_NAME}/"
+done
+
+echo ""
+echo "=== Experiment complete on ${VM_NAME} ==="
\ No newline at end of file