From 15411868bad0ac9ca4831335442f0b4798e43a4b Mon Sep 17 00:00:00 2001 From: Ruoyu Ying Date: Tue, 16 Apr 2019 19:15:45 +0800 Subject: [PATCH] Add scripts for vIPSEC VNF - Add scripts for vPacketgen and vSink that would be used in vIPSEC VNF. - Fixed minor bugs inside the base_vipsec.yaml Change-Id: Ide06fa3f05babe99a9728653a6d2ac214696049e Issue-ID: INT-793 
Signed-off-by: Ruoyu Ying --- heat/vIPsec/vIPsec/base_vipsec.yaml | 4 +- .../evel/evel-library/libs/aarch64/libevel.a | Bin 585853 -> 585842 bytes vnfs/vIPSEC/pg_streams/dep.xml | 17 ++++ vnfs/vIPSEC/pg_streams/pom.xml | 83 +++++++++++++++++ vnfs/vIPSEC/pg_streams/stream_ipsec_udp1 | 12 +++ vnfs/vIPSEC/pg_streams/stream_ipsec_udp10 | 12 +++ vnfs/vIPSEC/pg_streams/stream_ipsec_udp2 | 12 +++ vnfs/vIPSEC/pg_streams/stream_ipsec_udp3 | 12 +++ vnfs/vIPSEC/pg_streams/stream_ipsec_udp4 | 12 +++ vnfs/vIPSEC/pg_streams/stream_ipsec_udp5 | 12 +++ vnfs/vIPSEC/pg_streams/stream_ipsec_udp6 | 12 +++ vnfs/vIPSEC/pg_streams/stream_ipsec_udp7 | 12 +++ vnfs/vIPSEC/pg_streams/stream_ipsec_udp8 | 12 +++ vnfs/vIPSEC/pg_streams/stream_ipsec_udp9 | 12 +++ vnfs/vIPSEC/scripts/assembly.xml | 23 +++++ vnfs/vIPSEC/scripts/pom.xml | 62 +++++++++++++ vnfs/vIPSEC/scripts/run_traffic_ipsec_demo.sh | 9 ++ vnfs/vIPSEC/scripts/update_running_streams.sh | 18 ++++ vnfs/vIPSEC/scripts/v_packetgen_init.sh | 87 ++++++++++++++++++ vnfs/vIPSEC/scripts/v_packetgen_install.sh | 98 +++++++++++++++++++++ vnfs/vIPSEC/scripts/v_sink_init.sh | 17 ++++ vnfs/vIPSEC/scripts/v_sink_install.sh | 68 ++++++++++++++ vnfs/vIPSEC/scripts/vpacketgen.sh | 98 +++++++++++++++++++++ vnfs/vIPSEC/scripts/vsink.sh | 98 +++++++++++++++++++++ 24 files changed, 800 insertions(+), 2 deletions(-) create mode 100644 vnfs/vIPSEC/pg_streams/dep.xml create mode 100644 vnfs/vIPSEC/pg_streams/pom.xml create mode 100644 vnfs/vIPSEC/pg_streams/stream_ipsec_udp1 create mode 100644 vnfs/vIPSEC/pg_streams/stream_ipsec_udp10 create mode 100644 vnfs/vIPSEC/pg_streams/stream_ipsec_udp2 create mode 100644 vnfs/vIPSEC/pg_streams/stream_ipsec_udp3 create mode 100644 vnfs/vIPSEC/pg_streams/stream_ipsec_udp4 create mode 100644 vnfs/vIPSEC/pg_streams/stream_ipsec_udp5 create mode 100644 vnfs/vIPSEC/pg_streams/stream_ipsec_udp6 create mode 100644 vnfs/vIPSEC/pg_streams/stream_ipsec_udp7 create mode 100644 vnfs/vIPSEC/pg_streams/stream_ipsec_udp8 create 
mode 100644 vnfs/vIPSEC/pg_streams/stream_ipsec_udp9 create mode 100644 vnfs/vIPSEC/scripts/assembly.xml create mode 100644 vnfs/vIPSEC/scripts/pom.xml create mode 100755 vnfs/vIPSEC/scripts/run_traffic_ipsec_demo.sh create mode 100644 vnfs/vIPSEC/scripts/update_running_streams.sh create mode 100755 vnfs/vIPSEC/scripts/v_packetgen_init.sh create mode 100755 vnfs/vIPSEC/scripts/v_packetgen_install.sh create mode 100755 vnfs/vIPSEC/scripts/v_sink_init.sh create mode 100755 vnfs/vIPSEC/scripts/v_sink_install.sh create mode 100755 vnfs/vIPSEC/scripts/vpacketgen.sh create mode 100755 vnfs/vIPSEC/scripts/vsink.sh diff --git a/heat/vIPsec/vIPsec/base_vipsec.yaml b/heat/vIPsec/vIPsec/base_vipsec.yaml index 993612e3..6d401415 100644 --- a/heat/vIPsec/vIPsec/base_vipsec.yaml +++ b/heat/vIPsec/vIPsec/base_vipsec.yaml @@ -688,14 +688,14 @@ resources: # Create configuration files mkdir /opt/config - echo "__ipsec_ipaddr__" > /opt/config/fw_ipaddr.txt + echo "__ipsec_ipaddr__" > /opt/config/vipsec_ipaddr.txt echo "__protected_clientB_net_cidr__" > /opt/config/protected_clientB_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt - echo "__protected_clientB_private_net_cidr__" > /opt/config/protected_clientA_net_cidr.txt + echo "__protected_clientA__net_cidr__" > /opt/config/protected_clientA_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt 
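Review bot: The new placeholder `__protected_clientA__net_cidr__` has a doubled underscore after `clientA`, unlike every other placeholder in this block. If the template parameter is actually named `__protected_clientA_net_cidr__` (the params map is outside the hunk), nothing is substituted and the literal placeholder text ends up in `protected_clientA_net_cidr.txt`. The renamed `/opt/config/vipsec_ipaddr.txt` also does not match `v_packetgen_init.sh` from this same patch, which reads `/opt/config/ipsec_ipaddr.txt` and `/opt/config/protected_clientA_private_net_cidr.txt`; neither file is written here. If this block provisions the packet generator VM, as the `vpg_private_ip_*` lines suggest, the init script would build its VPP route from empty values, so the file names should be aligned on one side.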
diff --git a/vnfs/VES5.0/evel/evel-library/libs/aarch64/libevel.a b/vnfs/VES5.0/evel/evel-library/libs/aarch64/libevel.a index 0e17b9f89df9318ef836b9e189e8d08d96221f36..a3783eef941a01189b985254ea0122e8c19d7fee 100755 GIT binary patch delta 117 zcmezSK>5=H<%Sl<7N!>F7M3ln`a;_cgjk<&Z5Neg6^Pg#E6C==xILqcwVMOVHfvyg z%?4$sbg<_0Y`-#v)x>E#=XKU#E0DN`-u5o@3Wr$_ E03Gxt6F7M3ln`a+Dn+x3N5pKt+bVOdsz2q68Tj@6lQds-Q57YBr= z3#Eag2_39?JV4QNQ&>%$fHc!})?h1$DksM6(}mcc=>U1P_H2@TKzf=lTZ$-5w%sO$ O4T#yd+oW)q^#A}PLn|Wy diff --git a/vnfs/vIPSEC/pg_streams/dep.xml b/vnfs/vIPSEC/pg_streams/dep.xml new file mode 100644 index 00000000..5355773f --- /dev/null +++ b/vnfs/vIPSEC/pg_streams/dep.xml @@ -0,0 +1,17 @@ + + demo + + tar.gz + + + + . + / + + stream* + + + + diff --git a/vnfs/vIPSEC/pg_streams/pom.xml b/vnfs/vIPSEC/pg_streams/pom.xml new file mode 100644 index 00000000..724e44a7 --- /dev/null +++ b/vnfs/vIPSEC/pg_streams/pom.xml @@ -0,0 +1,83 @@ + + + + + + + + org.onap.demo.vnf + demo-aggregator + 1.4.0-SNAPSHOT + ../../../pom.xml + + + 4.0.0 + org.onap.demo.vnf.vipsec + vipsec_pg_streams + + + + + + maven-jar-plugin + 2.3.2 + + + default-jar + never + + + + + + maven-assembly-plugin + 2.5.3 + + dep.xml + + + + create-archive + package + + single + + + + + + + org.codehaus.mojo + exec-maven-plugin + + + none + + + + true + + + + + + + diff --git a/vnfs/vIPSEC/pg_streams/stream_ipsec_udp1 b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp1 new file mode 100644 index 00000000..da1cce06 --- /dev/null +++ b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp1 @@ -0,0 +1,12 @@ +packet-generator new { + name ipsec_udp1 + rate 10 + node ip4-input + size 64-64 + no-recycle + data { + UDP: 192.168.10.31 -> 192.168.20.32 + UDP: 15320 -> 8080 + length 128 checksum 0 incrementing 1 + } +} diff --git a/vnfs/vIPSEC/pg_streams/stream_ipsec_udp10 b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp10 new file mode 100644 index 00000000..fd0847a1 --- /dev/null +++ b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp10 
@@ -0,0 +1,12 @@
+packet-generator new {
+ name ipsec_udp10
+ rate 10
+ node ip4-input
+ size 64-64
+ no-recycle
+ data {
+ UDP: 192.168.10.31 -> 192.168.20.32
+ UDP: 15320 -> 8080
+ length 128 checksum 0 incrementing 1
+ }
+}
diff --git a/vnfs/vIPSEC/pg_streams/stream_ipsec_udp2 b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp2
new file mode 100644
index 00000000..c6c80369
--- /dev/null
+++ b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp2
@@ -0,0 +1,12 @@
+packet-generator new {
+ name ipsec_udp2
+ rate 10
+ node ip4-input
+ size 64-64
+ no-recycle
+ data {
+ UDP: 192.168.10.31 -> 192.168.20.32
+ UDP: 15320 -> 8080
+ length 128 checksum 0 incrementing 1
+ }
+}
diff --git a/vnfs/vIPSEC/pg_streams/stream_ipsec_udp3 b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp3
new file mode 100644
index 00000000..c7c5bd4f
--- /dev/null
+++ b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp3
@@ -0,0 +1,12 @@
+packet-generator new {
+ name ipsec_udp3
+ rate 10
+ node ip4-input
+ size 64-64
+ no-recycle
+ data {
+ UDP: 192.168.10.31 -> 192.168.20.32
+ UDP: 15320 -> 8080
+ length 128 checksum 0 incrementing 1
+ }
+}
diff --git a/vnfs/vIPSEC/pg_streams/stream_ipsec_udp4 b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp4
new file mode 100644
index 00000000..4fc03372
--- /dev/null
+++ b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp4
@@ -0,0 +1,12 @@
+packet-generator new {
+ name ipsec_udp4
+ rate 10
+ node ip4-input
+ size 64-64
+ no-recycle
+ data {
+ UDP: 192.168.10.31 -> 192.168.20.32
+ UDP: 15320 -> 8080
+ length 128 checksum 0 incrementing 1
+ }
+}
diff --git a/vnfs/vIPSEC/pg_streams/stream_ipsec_udp5 b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp5
new file mode 100644
index 00000000..cdd8d8ea
--- /dev/null
+++ b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp5
@@ -0,0 +1,12 @@
+packet-generator new {
+ name ipsec_udp5
+ rate 10
+ node ip4-input
+ size 64-64
+ no-recycle
+ data {
+ UDP: 192.168.10.31 -> 192.168.20.32
+ UDP: 15320 -> 8080
+ length 128 checksum 0 incrementing 1
+ }
+}
diff --git a/vnfs/vIPSEC/pg_streams/stream_ipsec_udp6 b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp6
new file mode 100644
index 00000000..731a0df2
--- /dev/null
+++ b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp6
@@ -0,0 +1,12 @@
+packet-generator new {
+ name ipsec_udp6
+ rate 10
+ node ip4-input
+ size 64-64
+ no-recycle
+ data {
+ UDP: 192.168.10.31 -> 192.168.20.32
+ UDP: 15320 -> 8080
+ length 128 checksum 0 incrementing 1
+ }
+}
diff --git a/vnfs/vIPSEC/pg_streams/stream_ipsec_udp7 b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp7
new file mode 100644
index 00000000..7afb478e
--- /dev/null
+++ b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp7
@@ -0,0 +1,12 @@
+packet-generator new {
+ name ipsec_udp7
+ rate 10
+ node ip4-input
+ size 64-64
+ no-recycle
+ data {
+ UDP: 192.168.10.31 -> 192.168.20.32
+ UDP: 15320 -> 8080
+ length 128 checksum 0 incrementing 1
+ }
+}
diff --git a/vnfs/vIPSEC/pg_streams/stream_ipsec_udp8 b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp8
new file mode 100644
index 00000000..feaa5d45
--- /dev/null
+++ b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp8
@@ -0,0 +1,12 @@
+packet-generator new {
+ name ipsec_udp8
+ rate 10
+ node ip4-input
+ size 64-64
+ no-recycle
+ data {
+ UDP: 192.168.10.31 -> 192.168.20.32
+ UDP: 15320 -> 8080
+ length 128 checksum 0 incrementing 1
+ }
+}
diff --git a/vnfs/vIPSEC/pg_streams/stream_ipsec_udp9 b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp9
new file mode 100644
index 00000000..8f8bd742
--- /dev/null
+++ b/vnfs/vIPSEC/pg_streams/stream_ipsec_udp9
@@ -0,0 +1,12 @@
+packet-generator new {
+ name ipsec_udp9
+ rate 10
+ node ip4-input
+ size 64-64
+ no-recycle
+ data {
+ UDP: 192.168.10.31 -> 192.168.20.32
+ UDP: 15320 -> 8080
+ length 128 checksum 0 incrementing 1
+ }
+}
diff --git a/vnfs/vIPSEC/scripts/assembly.xml b/vnfs/vIPSEC/scripts/assembly.xml
new file mode 100644
index 00000000..cbdb5680
--- /dev/null
+++ b/vnfs/vIPSEC/scripts/assembly.xml
@@ -0,0 +1,23 @@ + + scripts + + zip + + false + + + ${basedir} + + * + + + assembly.xml + pom.xml + target + .* + + + + diff --git a/vnfs/vIPSEC/scripts/pom.xml b/vnfs/vIPSEC/scripts/pom.xml new file mode 100644 index 00000000..4c0e9e15 --- /dev/null +++ b/vnfs/vIPSEC/scripts/pom.xml @@ -0,0 +1,62 @@ + + + + + + + + org.onap.demo.vnf + demo-aggregator + 1.4.0-SNAPSHOT + ../../../pom.xml + + + 4.0.0 + org.onap.demo.vnf.vipsec + vipsec-scripts + pom + + + + + org.apache.maven.plugins + maven-assembly-plugin + 3.1.0 + + + assembly.xml + + false + + + + make-assembly + package + + single + + + + + + + + diff --git a/vnfs/vIPSEC/scripts/run_traffic_ipsec_demo.sh b/vnfs/vIPSEC/scripts/run_traffic_ipsec_demo.sh new file mode 100755 index 00000000..e8f1bcf2 --- /dev/null +++ b/vnfs/vIPSEC/scripts/run_traffic_ipsec_demo.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +while [ 1 ] +do +curl -X PUT -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -H "Cache-Control: no-cache" -H "Postman-Token: 9005870c-900b-2e2e-0902-ef2009bb0ff7" -d '{"streams": {"active-streams": 10}}' http://localhost:8183/restconf/config/stream-count:stream-count/streams +sleep 300 +curl -X PUT -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -H "Cache-Control: no-cache" -H "Postman-Token: 9005870c-900b-2e2e-0902-ef2009bb0ff7" -d '{"streams": {"active-streams": 1}}' http://localhost:8183/restconf/config/stream-count:stream-count/streams +sleep 300 +done \ No newline at end of file diff --git a/vnfs/vIPSEC/scripts/update_running_streams.sh b/vnfs/vIPSEC/scripts/update_running_streams.sh new file mode 100644 index 00000000..e21a6ba1 --- /dev/null +++ b/vnfs/vIPSEC/scripts/update_running_streams.sh 
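Review bot: Both `curl` calls in `run_traffic_ipsec_demo.sh` embed a static `Authorization: Basic` header, which is only an encoded default username/password pair, and pass it on the command line over plain HTTP; the same header is repeated in `update_running_streams.sh`. Even for a demo the credential should live in a root-only file and be handed to curl from there, for example with `--netrc-file /path/to/netrc` (placeholder path), so it does not appear in the repository or in `ps` output. Neither call uses `--fail` or checks the exit status, so a rejected or unreachable RESTCONF request is silently retried every 300 seconds. The copied `Postman-Token` header serves no purpose and can be dropped, and the file is missing its final newline.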
@@ -0,0 +1,18 @@
+#/bin/bash
+
+if [ ! "$#" -eq 1 ]
+then
+ echo "Usage: ./update_running_streams.sh [number of active streams]"
+ exit
+fi
+
+STREAMS=$1
+BODY=""
+
+for((i=1; $i<= $STREAMS; i++)); do
+ BODY+="{\"id\":\"ipsec_udp$i\", \"is-enabled\":\"true\"},"
+done
+
+BODY='{"pg-streams":{"pg-stream": ['${BODY%?}']}}'
+
+curl -X PUT -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -H "Cache-Control: no-cache" -H "Postman-Token: 9005870c-900b-2e2e-0902-ef2009bb0ff7" -d "$BODY" "http://localhost:8183/restconf/config/sample-plugin:sample-plugin/pg-streams"
diff --git a/vnfs/vIPSEC/scripts/v_packetgen_init.sh b/vnfs/vIPSEC/scripts/v_packetgen_init.sh
new file mode 100755
index 00000000..324df0b6
--- /dev/null
+++ b/vnfs/vIPSEC/scripts/v_packetgen_init.sh
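Review bot: The first line `#/bin/bash` is missing the `!`, so it is an ordinary comment and the script runs under whichever shell invokes it, although `BODY+=` and `for((…))` require bash; it should read `#!/bin/bash`. `$1` is placed directly into the arithmetic loop condition, so an empty or non-numeric argument is evaluated as an expression rather than rejected; add `case $STREAMS in ''|*[!0-9]*) echo "stream count must be a non-negative integer" >&2; exit 2;; esac` before the loop. The usage branch ends in a bare `exit`, which returns the status of the preceding `echo` (success); use `exit 1`. With a count of 0 the `${BODY%?}` expansion is empty and an empty stream list is PUT, which may or may not be intended.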
@@ -0,0 +1,87 @@
+#!/bin/bash
+
+# Convert Network CIDR to Netmask
+mask2cidr() {
+ nbits=0
+ IFS=.
+ for dec in $1 ; do
+ case $dec in
+ 255) let nbits+=8;;
+ 254) let nbits+=7;;
+ 252) let nbits+=6;;
+ 248) let nbits+=5;;
+ 240) let nbits+=4;;
+ 224) let nbits+=3;;
+ 192) let nbits+=2;;
+ 128) let nbits+=1;;
+ 0);;
+ *) echo "Error: $dec is not recognized"; exit 1
+ esac
+ done
+ echo "$nbits"
+}
+
+# Start VPP
+start vpp
+sleep 1
+
+# Configure VPP for vPacketGenerator
+IPADDR1=$(ifconfig eth1 | grep "inet addr" | tr -s ' ' | cut -d' ' -f3 | cut -d':' -f2)
+HWADDR1=$(ifconfig eth1 | grep HWaddr | tr -s ' ' | cut -d' ' -f5)
+FAKE_HWADDR1=$(echo -n 00; dd bs=1 count=5 if=/dev/urandom 2>/dev/null | hexdump -v -e '/1 ":%02X"')
+PROTECTED_NET_CIDR=$(cat /opt/config/protected_clientA_private_net_cidr.txt)
+IPSEC_IPADDR=$(cat /opt/config/ipsec_ipaddr.txt)
+SINK_IPADDR=$(cat /opt/config/sink_ipaddr.txt)
+
+IPADDR1_MASK=$(ifconfig eth1 | grep "Mask" | awk '{print $4}' | awk -F ":" '{print $2}')
+IPADDR1_CIDR=$(mask2cidr $IPADDR1_MASK)
+
+ifconfig eth1 down
+ifconfig eth1 hw ether $FAKE_HWADDR1
+ip addr flush dev eth1
+ifconfig eth1 up
+vppctl tap connect tap111 hwaddr $HWADDR1
+vppctl set int ip address tap-0 $IPADDR1"/"$IPADDR1_CIDR
+vppctl set int state tap-0 up
+brctl addbr br0
+brctl addif br0 tap111
+brctl addif br0 eth1
+ifconfig br0 up
+vppctl ip route add $PROTECTED_NET_CIDR via $IPSEC_IPADDR
+sleep 1
+
+# Install packet streams
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_ipsec_udp1
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_ipsec_udp2
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_ipsec_udp3
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_ipsec_udp4
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_ipsec_udp5
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_ipsec_udp6
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_ipsec_udp7
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_ipsec_udp8
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_ipsec_udp9
+sed -i -e "0,/UDP/ s/UDP:.*/UDP: "$IPADDR1" -> "$SINK_IPADDR"/" /opt/pg_streams/stream_ipsec_udp10
+vppctl exec /opt/pg_streams/stream_ipsec_udp1
+vppctl exec /opt/pg_streams/stream_ipsec_udp2
+vppctl exec /opt/pg_streams/stream_ipsec_udp3
+vppctl exec /opt/pg_streams/stream_ipsec_udp4
+vppctl exec /opt/pg_streams/stream_ipsec_udp5
+vppctl exec /opt/pg_streams/stream_ipsec_udp6
+vppctl exec /opt/pg_streams/stream_ipsec_udp7
+vppctl exec /opt/pg_streams/stream_ipsec_udp8
+vppctl exec /opt/pg_streams/stream_ipsec_udp9
+vppctl exec /opt/pg_streams/stream_ipsec_udp10
+sleep 1
+
+# Start HoneyComb
+VERSION=$(cat /opt/config/demo_artifacts_version.txt)
+mkdir -p /var/lib/honeycomb/persist/{config,context}/
+echo "" > /var/lib/honeycomb/persist/context/data.json
+echo "" > /var/lib/honeycomb/persist/config/data.json
+/opt/honeycomb/sample-distribution-$VERSION/honeycomb &>/dev/null &disown
+sleep 20
+
+# Enable traffic flows
+cd /opt
+chmod +x run_traffic_ipsec_demo.sh
+./run_traffic_ipsec_demo.sh &>/dev/null &disown
diff --git a/vnfs/vIPSEC/scripts/v_packetgen_install.sh b/vnfs/vIPSEC/scripts/v_packetgen_install.sh
new file mode 100755
index 00000000..1e35b768
--- /dev/null
+++ b/vnfs/vIPSEC/scripts/v_packetgen_install.sh
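Review bot: None of the values scraped from `ifconfig` or read from `/opt/config/*.txt` in `v_packetgen_init.sh` is checked before use, and they are expanded unquoted into `sed` programs and `ifconfig`/`vppctl` arguments. If eth1 has no address or a config file is missing, the script still takes eth1 down, rewrites its MAC and adds a route with empty operands. Add a guard after the assignments, e.g. `[ -n "$IPADDR1" ] && [ -n "$SINK_IPADDR" ] && [ -n "$IPSEC_IPADDR" ] || { echo "missing network config" >&2; exit 1; }`. The comment above `mask2cidr` says "Convert Network CIDR to Netmask" although the function converts a netmask to a prefix length, and its `exit 1` only leaves the `$(…)` subshell, so the caller carries on with an empty `IPADDR1_CIDR`. The ten identical `sed` and `vppctl exec` lines would be easier to keep consistent as one loop over the stream numbers.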
@@ -0,0 +1,98 @@ +#!/bin/bash + +NEXUS_ARTIFACT_REPO=$(cat /opt/config/nexus_artifact_repo.txt) +DEMO_ARTIFACTS_VERSION=$(cat /opt/config/demo_artifacts_version.txt) +if [[ "$DEMO_ARTIFACTS_VERSION" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi +INSTALL_SCRIPT_VERSION=$(cat /opt/config/install_script_version.txt) +CLOUD_ENV=$(cat /opt/config/cloud_env.txt) + +# Convert Network CIDR to Netmask +cdr2mask () { + # Number of args to shift, 255..255, first non-255 byte, zeroes + set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0 + [ $1 -gt 1 ] && shift $1 || shift + echo ${1-0}.${2-0}.${3-0}.${4-0} +} + +# OpenStack network configuration +if [[ $CLOUD_ENV == "openstack" ]] +then + echo 127.0.0.1 $(hostname) >> /etc/hosts + + # Allow remote login as root + mv /root/.ssh/authorized_keys /root/.ssh/authorized_keys.bk + cp /home/ubuntu/.ssh/authorized_keys /root/.ssh + + MTU=$(/sbin/ifconfig | grep MTU | sed 's/.*MTU://' | sed 's/ .*//' | sort -n | head -1) + + IP=$(cat /opt/config/vpg_private_ip_0.txt) + BITS=$(cat /opt/config/protected_clientA_net_cidr.txt | cut -d"/" -f2) + NETMASK=$(cdr2mask $BITS) + echo "auto eth1" >> /etc/network/interfaces + echo "iface eth1 inet static" >> /etc/network/interfaces + echo " address $IP" >> /etc/network/interfaces + echo " netmask $NETMASK" >> /etc/network/interfaces + echo " mtu $MTU" >> /etc/network/interfaces + + IP=$(cat /opt/config/vpg_private_ip_1.txt) + BITS=$(cat /opt/config/onap_private_net_cidr.txt | cut -d"/" -f2) + NETMASK=$(cdr2mask $BITS) + echo "auto eth2" >> /etc/network/interfaces + echo "iface eth2 inet static" >> /etc/network/interfaces + echo " address $IP" >> /etc/network/interfaces + echo " netmask $NETMASK" >> /etc/network/interfaces + echo " mtu $MTU" >> /etc/network/interfaces + + ifup eth1 + ifup eth2 +fi + +# Download required dependencies +echo "deb http://ppa.launchpad.net/openjdk-r/ppa/ubuntu $(lsb_release -c -s) main" >> /etc/apt/sources.list.d/java.list 
+echo "deb-src http://ppa.launchpad.net/openjdk-r/ppa/ubuntu $(lsb_release -c -s) main" >> /etc/apt/sources.list.d/java.list +apt-get update +apt-get install --allow-unauthenticated -y make wget openjdk-8-jdk gcc libcurl4-openssl-dev python-pip bridge-utils apt-transport-https ca-certificates +pip install jsonschema + +# Download code for packet generator +mkdir /opt/honeycomb +cd /opt + +unzip -p -j /opt/vipsec-scripts-$INSTALL_SCRIPT_VERSION.zip v_packetgen_init.sh > /opt/v_packetgen_init.sh +unzip -p -j /opt/vipsec-scripts-$INSTALL_SCRIPT_VERSION.zip vpacketgen.sh > /opt/vpacketgen.sh +unzip -p -j /opt/vipsec-scripts-$INSTALL_SCRIPT_VERSION.zip run_traffic_ipsec_demo.sh > /opt/run_traffic_ipsec_demo.sh +wget -O sample-distribution-$DEMO_ARTIFACTS_VERSION-hc.tar.gz "${NEXUS_ARTIFACT_REPO}/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf&a=sample-distribution&c=hc&e=tar.gz&v=$DEMO_ARTIFACTS_VERSION" +wget -O vipsec_pg_streams-$DEMO_ARTIFACTS_VERSION-demo.tar.gz "${NEXUS_ARTIFACT_REPO}/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vipsec&a=vipsec_pg_streams&c=demo&e=tar.gz&v=$DEMO_ARTIFACTS_VERSION" + +tar -zmxvf sample-distribution-$DEMO_ARTIFACTS_VERSION-hc.tar.gz +tar -zmxvf vipsec_pg_streams-$DEMO_ARTIFACTS_VERSION-demo.tar.gz +mv vipsec_pg_streams-$DEMO_ARTIFACTS_VERSION pg_streams +mv sample-distribution-$DEMO_ARTIFACTS_VERSION honeycomb +sed -i 's/"restconf-binding-address": "127.0.0.1",/"restconf-binding-address": "0.0.0.0",/g' honeycomb/sample-distribution-$DEMO_ARTIFACTS_VERSION/config/honeycomb.json +rm *.tar.gz +chmod +x v_packetgen_init.sh +chmod +x vpacketgen.sh + +# Install VPP +export UBUNTU="trusty" +export RELEASE=".stable.1609" +rm /etc/apt/sources.list.d/99fd.io.list +echo "deb [trusted=yes] https://nexus.fd.io/content/repositories/fd.io$RELEASE.ubuntu.$UBUNTU.main/ ./" | sudo tee -a /etc/apt/sources.list.d/99fd.io.list +apt-get update +apt-get install -y vpp vpp-dpdk-dkms vpp-lib vpp-dbg vpp-plugins 
vpp-dev +sleep 1 + +# Install honeycomb restart script (workaround due to honeycomb file handle leak) +cat > /etc/cron.hourly/honeycomb </dev/null &disown +EOF +chmod +x /etc/cron.hourly/honeycomb + +# Run instantiation script +cd /opt +mv vpacketgen.sh /etc/init.d +update-rc.d vpacketgen.sh defaults +./v_packetgen_init.sh diff --git a/vnfs/vIPSEC/scripts/v_sink_init.sh b/vnfs/vIPSEC/scripts/v_sink_init.sh new file mode 100755 index 00000000..85c9073b --- /dev/null +++ b/vnfs/vIPSEC/scripts/v_sink_init.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +# Convert Network CIDR to Netmask +cdr2mask () { + # Number of args to shift, 255..255, first non-255 byte, zeroes + set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0 + [ $1 -gt 1 ] && shift $1 || shift + echo ${1-0}.${2-0}.${3-0}.${4-0} +} + +# Set the IP address of the protected network interface of the vIPsec as a default gateway to the unprotected network +PROTECTED_NET_GW=$(cat /opt/config/protected_net_gw.txt) +PROTECTED_NET_A=$(cat /opt/config/protected_net_A.txt | cut -d'/' -f1) +BITS=$(cat /opt/config/protected_net_A.txt | cut -d"/" -f2) +NETMASK=$(cdr2mask $BITS) + +route add -net $PROTECTED_NET_A netmask $NETMASK gw $PROTECTED_NET_GW diff --git a/vnfs/vIPSEC/scripts/v_sink_install.sh b/vnfs/vIPSEC/scripts/v_sink_install.sh new file mode 100755 index 00000000..a6f18790 --- /dev/null +++ b/vnfs/vIPSEC/scripts/v_sink_install.sh 
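Review bot: Package and artifact integrity checks are switched off throughout `v_packetgen_install.sh`: `apt-get install --allow-unauthenticated`, a PPA added over `http://` without importing its signing key, the fd.io source marked `[trusted=yes]`, and two `wget` downloads unpacked without any checksum. Because all of this runs as root during provisioning, anyone able to tamper with those fetches controls the VM; the same `--allow-unauthenticated` and PPA lines appear in `v_sink_install.sh`. Import the repository keys, drop the overrides, and verify the Nexus artifacts against a published checksum before `tar`. The `sed` that rewrites `restconf-binding-address` from `127.0.0.1` to `0.0.0.0` exposes the RESTCONF endpoint on every interface, while the companion scripts authenticate with a fixed Basic credential; bind it to the management address or add a firewall rule. Copying the `ubuntu` user's `authorized_keys` into `/root/.ssh` enables direct root SSH login and needs at least a comment saying why the demo requires it.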
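Review bot: In `v_sink_init.sh`, `cdr2mask` receives whatever follows the `/` in `protected_net_A.txt`, with no check that it is an integer from 0 to 32. An empty or malformed value makes the `$(( … ))` inside `set --` fail or produce a bogus mask, and `route add` then runs with it anyway. Guard it with `case $BITS in ''|*[!0-9]*) echo "bad prefix length in protected_net_A.txt" >&2; exit 1;; esac` and quote the expansions in the `route` command. The comment above the route says "default gateway" while the command adds a route for one specific network, so the comment should be reworded. `cdr2mask` is also copied verbatim into `v_packetgen_install.sh` and `v_sink_install.sh`; a single sourced helper would keep the three in step.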
@@ -0,0 +1,68 @@
+#!/bin/bash
+
+INSTALL_SCRIPT_VERSION=$(cat /opt/config/install_script_version.txt)
+CLOUD_ENV=$(cat /opt/config/cloud_env.txt)
+
+# Convert Network CIDR to Netmask
+cdr2mask () {
+ # Number of args to shift, 255..255, first non-255 byte, zeroes
+ set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0
+ [ $1 -gt 1 ] && shift $1 || shift
+ echo ${1-0}.${2-0}.${3-0}.${4-0}
+}
+
+# OpenStack network configuration
+if [[ $CLOUD_ENV == "openstack" ]]
+then
+ echo 127.0.0.1 $(hostname) >> /etc/hosts
+
+ # Allow remote login as root
+ mv /root/.ssh/authorized_keys /root/.ssh/authorized_keys.bk
+ cp /home/ubuntu/.ssh/authorized_keys /root/.ssh
+
+ MTU=$(/sbin/ifconfig | grep MTU | sed 's/.*MTU://' | sed 's/ .*//' | sort -n | head -1)
+
+ IP=$(cat /opt/config/vsn_private_ip_0.txt)
+ BITS=$(cat /opt/config/protected_clientB_private_net_cidr.txt | cut -d"/" -f2)
+ NETMASK=$(cdr2mask $BITS)
+ echo "auto eth1" >> /etc/network/interfaces
+ echo "iface eth1 inet static" >> /etc/network/interfaces
+ echo " address $IP" >> /etc/network/interfaces
+ echo " netmask $NETMASK" >> /etc/network/interfaces
+ echo " mtu $MTU" >> /etc/network/interfaces
+
+ IP=$(cat /opt/config/vsn_private_ip_1.txt)
+ BITS=$(cat /opt/config/onap_private_net_cidr.txt | cut -d"/" -f2)
+ NETMASK=$(cdr2mask $BITS)
+ echo "auto eth2" >> /etc/network/interfaces
+ echo "iface eth2 inet static" >> /etc/network/interfaces
+ echo " address $IP" >> /etc/network/interfaces
+ echo " netmask $NETMASK" >> /etc/network/interfaces
+ echo " mtu $MTU" >> /etc/network/interfaces
+
+ ifup eth1
+ ifup eth2
+fi
+
+# Download required dependencies
+echo "deb http://ppa.launchpad.net/openjdk-r/ppa/ubuntu $(lsb_release -c -s) main" >> /etc/apt/sources.list.d/java.list
+echo "deb-src http://ppa.launchpad.net/openjdk-r/ppa/ubuntu $(lsb_release -c -s) main" >> /etc/apt/sources.list.d/java.list
+apt-get update
+apt-get install --allow-unauthenticated -y make wget openjdk-8-jdk apt-transport-https ca-certificates darkstat
+
+# Configure and run Darkstat
+sed -i "s/START_DARKSTAT=.*/START_DARKSTAT=yes/g" /etc/darkstat/init.cfg
+sed -i "s/INTERFACE=.*/INTERFACE=\"-i eth1\"/g" /etc/darkstat/init.cfg
+/etc/init.d/darkstat start
+
+# Download scripts for virtual sink
+cd /opt
+unzip -p -j /opt/vipsec-scripts-$INSTALL_SCRIPT_VERSION.zip v_sink_init.sh > /opt/v_sink_init.sh
+unzip -p -j /opt/vipsec-scripts-$INSTALL_SCRIPT_VERSION.zip vsink.sh > /opt/vsink.sh
+chmod +x v_sink_init.sh
+chmod +x vsink.sh
+
+# Run instantiation script
+mv vsink.sh /etc/init.d
+update-rc.d vsink.sh defaults
+./v_sink_init.sh
diff --git a/vnfs/vIPSEC/scripts/vpacketgen.sh b/vnfs/vIPSEC/scripts/vpacketgen.sh
new file mode 100755
index 00000000..38770310
--- /dev/null
+++ b/vnfs/vIPSEC/scripts/vpacketgen.sh
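Review bot: In `v_sink_install.sh`, `unzip -p … > /opt/v_sink_init.sh` creates the target file even when the archive or the member is missing. The script then marks it executable, registers `vsink.sh` with `update-rc.d` and runs the result as root without checking any exit status; `v_packetgen_install.sh` follows the same pattern. Extract to disk and stop on failure, e.g. `unzip -j -o "/opt/vipsec-scripts-$INSTALL_SCRIPT_VERSION.zip" v_sink_init.sh vsink.sh -d /opt || exit 1`. The `>>` appends to `/etc/hosts`, `/etc/network/interfaces` and `java.list` are not idempotent, so a second run duplicates every stanza; check for an existing entry first or write a dedicated file under `/etc/network/interfaces.d`.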
@@ -0,0 +1,98 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: packetgen
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Start daemon at boot time
+# Description: Enable service provided by daemon.
+### END INIT INFO
+
+dir="/opt"
+cmd="./v_packetgen_init.sh"
+user="root"
+
+name=`basename $0`
+pid_file="/var/run/$name.pid"
+stdout_log="/var/log/$name.log"
+stderr_log="/var/log/$name.err"
+
+get_pid() {
+ cat "$pid_file"
+}
+
+is_running() {
+ [ -f "$pid_file" ] && ps `get_pid` > /dev/null 2>&1
+}
+
+case "$1" in
+ start)
+ if is_running; then
+ echo "Already started"
+ else
+ echo "Starting $name"
+ cd "$dir"
+ if [ -z "$user" ]; then
+ sudo $cmd >> "$stdout_log" 2>> "$stderr_log" &
+ else
+ sudo -u "$user" $cmd >> "$stdout_log" 2>> "$stderr_log" &
+ fi
+ echo $! > "$pid_file"
+ if ! is_running; then
+ echo "Unable to start, see $stdout_log and $stderr_log"
+ exit 1
+ fi
+ fi
+ ;;
+ stop)
+ if is_running; then
+ echo -n "Stopping $name.."
+ kill `get_pid`
+ for i in {1..10}
+ do
+ if ! is_running; then
+ break
+ fi
+
+ echo -n "."
+ sleep 1
+ done
+ echo
+
+ if is_running; then
+ echo "Not stopped; may still be shutting down or shutdown may have failed"
+ exit 1
+ else
+ echo "Stopped"
+ if [ -f "$pid_file" ]; then
+ rm "$pid_file"
+ fi
+ fi
+ else
+ echo "Not running"
+ fi
+ ;;
+ restart)
+ $0 stop
+ if is_running; then
+ echo "Unable to stop, will not attempt to start"
+ exit 1
+ fi
+ $0 start
+ ;;
+ status)
+ if is_running; then
+ echo "Running"
+ else
+ echo "Stopped"
+ exit 1
+ fi
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|status}"
+ exit 1
+ ;;
+esac
+
+exit 0
diff --git a/vnfs/vIPSEC/scripts/vsink.sh b/vnfs/vIPSEC/scripts/vsink.sh
new file mode 100755
index 00000000..047f1df8
--- /dev/null
+++ b/vnfs/vIPSEC/scripts/vsink.sh
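Review bot: `vpacketgen.sh` is declared `#!/bin/sh` but its stop branch uses `for i in {1..10}`, which is a bash brace expansion. Where `/bin/sh` is dash the loop body runs once with the literal string, so `stop` waits about one second instead of ten before reporting failure. Use `for i in 1 2 3 4 5 6 7 8 9 10` or change the shebang to bash; `echo -n` is likewise not portable under `sh`, and `printf` avoids that. `echo $! > "$pid_file"` records the PID of the backgrounded `sudo` rather than of the init script itself, so `is_running` and `kill` may end up tracking the wrapper; as init scripts already run as root, the `sudo -u "$user"` layer could probably be dropped. `vsink.sh` is a copy of this file and carries the same issues.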
@@ -0,0 +1,98 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: sink
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Start daemon at boot time
+# Description: Enable service provided by daemon.
+### END INIT INFO
+
+dir="/opt"
+cmd="./v_sink_init.sh"
+user="root"
+
+name=`basename $0`
+pid_file="/var/run/$name.pid"
+stdout_log="/var/log/$name.log"
+stderr_log="/var/log/$name.err"
+
+get_pid() {
+ cat "$pid_file"
+}
+
+is_running() {
+ [ -f "$pid_file" ] && ps `get_pid` > /dev/null 2>&1
+}
+
+case "$1" in
+ start)
+ if is_running; then
+ echo "Already started"
+ else
+ echo "Starting $name"
+ cd "$dir"
+ if [ -z "$user" ]; then
+ sudo $cmd >> "$stdout_log" 2>> "$stderr_log" &
+ else
+ sudo -u "$user" $cmd >> "$stdout_log" 2>> "$stderr_log" &
+ fi
+ echo $! > "$pid_file"
+ if ! is_running; then
+ echo "Unable to start, see $stdout_log and $stderr_log"
+ exit 1
+ fi
+ fi
+ ;;
+ stop)
+ if is_running; then
+ echo -n "Stopping $name.."
+ kill `get_pid`
+ for i in {1..10}
+ do
+ if ! is_running; then
+ break
+ fi
+
+ echo -n "."
+ sleep 1
+ done
+ echo
+
+ if is_running; then
+ echo "Not stopped; may still be shutting down or shutdown may have failed"
+ exit 1
+ else
+ echo "Stopped"
+ if [ -f "$pid_file" ]; then
+ rm "$pid_file"
+ fi
+ fi
+ else
+ echo "Not running"
+ fi
+ ;;
+ restart)
+ $0 stop
+ if is_running; then
+ echo "Unable to stop, will not attempt to start"
+ exit 1
+ fi
+ $0 start
+ ;;
+ status)
+ if is_running; then
+ echo "Running"
+ else
+ echo "Stopped"
+ exit 1
+ fi
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|status}"
+ exit 1
+ ;;
+esac
+
+exit 0
-- 2.16.6