| Internet-Draft | HPC/AI tunnel realization | June 2026 |
| Xiong, et al. | Expires 31 December 2026 | [Page] |
This document defines a tunnel realization model for admitted HPC and AI service intent. The model describes how a service intent instance can be associated with network realization state, including tunnel references, lifecycle, path, policy, resources, protection, admission outcome, and performance monitoring.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 31 December 2026.¶
Copyright (c) 2026 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
A service intent request describes the desired network connectivity outcome for an HPC or AI workload. Once such a request is admitted, a network controller or orchestrator may realize it using one or more tunnels, traffic engineering paths, policy objects, resource reservations, or other technology-specific mechanisms.¶
The HP-WAN context for high-throughput, completion-time-aware data transfer and host-network collaboration is described in [I-D.kcrh-hpwan-state-of-art] and [I-D.xhy-hpwan-framework].¶
Related work, such as [I-D.kompella-rtgwg-mlnwsched], discusses environments where network behavior can affect the outcome of scheduled machine learning workloads. This document describes the network-side realization state associated with an admitted service intent request.¶
The workload manager does not need to configure or understand those realization details. However, operators and controllers need a model that correlates admitted service intent with network realization state. This document defines that realization model.¶
The model is intended to complement, not replace, existing TE tunnel and network configuration models. It provides HPC/AI-specific correlation, policy, resource, lifecycle, and monitoring context associated with service intent realization.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
The terms Workload, Job, Task, Scheduler, Scheduler Job Metadata, Service Intent, Tunnel Realization, and Correlation Identifier are defined in [I-D.xkk-teas-hpc-scheduler-job-metadata]. This document uses those terms with the meanings defined there.¶
In this document, a tunnel realization instance is the network-side realization associated with an admitted service intent instance. It is identified by a realization identifier and can reference the corresponding service intent, workload, job, and correlation identifiers.¶
The tunnel realization model represents the network-side state created or selected to satisfy an admitted HPC/AI service intent request. It includes references to intent, tunnels, paths, policy, resources, protection, and observed performance.¶
The model does not define scheduler metadata and does not define the service intent request format. Those are defined separately.¶
The model is intended for controllers and orchestrators that realize admitted workload-driven service intent within data center and inter-data-center network environments.¶
module: ietf-hpc-tunnel-realization
augment /te:te/te:tunnels/te:tunnel:
+--rw hpc-tunnel-realization
+--rw realization-id? string
+--rw intent-ref? string
+--rw workload-ref
| +--rw workload-id? string
| +--rw job-id? string
| +--rw correlation-id? string
+--rw tunnel-type? identityref
+--rw realization-status? identityref
+--rw admission
| +--rw admission-status? identityref
| +--rw decision-time? yang:date-and-time
| +--rw reason? string
+--rw tunnel-policy
| +--rw rate-policy
| | +--rw min-rate? uint64
| | +--rw max-rate? uint64
| | +--rw fixed-rate? uint64
| | +--rw rate-unit? identityref
| +--rw admission-control-policy
| | +--rw enable? boolean
| +--rw preemption-policy? identityref
+--rw tunnel-lifecycle
| +--rw requested-start-time? yang:date-and-time
| +--rw admitted-start-time? yang:date-and-time
| +--rw admitted-end-time? yang:date-and-time
| +--rw activation-time? yang:date-and-time
| +--rw completion-time? yang:date-and-time
+--rw tunnel-path
| +--rw path-ref* string
| +--rw terminals
| +--rw source-endpoint? string
| +--rw destination-endpoint? string
| +--rw endpoint-group-ref* string
+--rw tunnel-protection
| +--rw protection-type? identityref
| +--rw restoration-priority? uint32
+--rw tunnel-resource
| +--rw bandwidth? uint64
| +--rw buffer? uint64
| +--rw queue? string
| +--rw time-slot? string
| +--rw compute-affinity? string
+--ro performance-monitor
+--ro metrics
+--ro measured-throughput? uint64
+--ro measured-latency? uint32
+--ro measured-loss? decimal64
+--ro last-updated? yang:date-and-time
Figure 1: Tunnel realization model structure
¶
A single service intent instance may be realized by one or more tunnels or network service instances. The realization model uses an intent reference to correlate network state with the accepted service intent. For multipoint or endpoint-group communication patterns, multiple realization instances may be required.¶
The admitted parameters in the realization model can differ from the originally requested parameters when the controller accepts a modified service. For example, an admitted start time or admitted rate can represent the outcome of admission control and resource allocation.¶
Future work can define how realization state maps to specific tunnel or signaling mechanisms. Examples of mechanisms that may inform such instantiations include Multipath Traffic Engineering [I-D.kompella-teas-mpte] and RSVP-based HP-WAN host-network collaboration signaling [I-D.xiong-hpwan-signaling-solution]. These examples do not constrain the realization model to a specific tunnel technology.¶
Future revisions need to define the identity values for realization status, admission status, tunnel type, protection type, preemption policy, and rate units. The model also needs to refine how realization references are represented when the underlying network uses multiple TE technologies or multiple administrative domains.¶
The relationship between a service intent instance and one or more realized tunnel instances needs further definition, including whether explicit tunnel identifiers and names are required in the model.¶
The semantics of minimum, maximum, and fixed rate policies need to be specified. The model also needs to distinguish between requested resources, allocated resources, and observed resource state, and determine how resilience and protection expectations are represented.¶
Telemetry, monitoring, and status feedback need further definition, including how operational measurements are associated with the lifecycle of an HPC or AI service request and how those measurements are exposed to workload managers and orchestration systems.¶
The YANG data model is as follows:¶
module ietf-hpc-tunnel-realization {
yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-hpc-tunnel-realization";
prefix hpc-tunnel;
import ietf-te {
prefix te;
reference
"RFC 8776: Traffic Engineering Common YANG Types";
}
import ietf-yang-types {
prefix yang;
reference
"RFC 6991: Common YANG Data Types";
}
import ietf-hpc-service-intent {
prefix hpc-service;
reference
"draft-xkk-teas-hpc-service-intent: HPC/AI Service Intent Model";
}
organization
"IETF Traffic Engineering Architecture and Signaling (TEAS)
Working Group";
contact
"WG Web: <https://datatracker.ietf.org/wg/teas/>
WG List: <mailto:teas@ietf.org>
Editor: Quan Xiong
<mailto:xiong.quan@zte.com.cn>
Editor: Kireeti Kompella
<mailto:kireeti.ietf@gmail.com>
Editor: Daniel King
<mailto:d.king@lancaster.ac.uk>";
description
"This module defines a tunnel realization model for admitted HPC
and AI service intent. The model describes how service intent
instances are associated with network realization state including
tunnel references, lifecycle, path, policy, resources, protection,
admission outcome, and performance monitoring.
Copyright (c) 2026 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Revised BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see
the RFC itself for full legal notices.";
revision 2026-04-23 {
description
"Initial version of the HPC/AI tunnel realization model.";
reference
"RFC XXXX: HPC/AI Service Intent Tunnel Realization Model";
}
/*
* Identity definitions
*/
identity tunnel-type {
description
"Base identity for tunnel types.";
}
identity mpls-te {
base tunnel-type;
description
"MPLS Traffic Engineering tunnel.";
}
identity sr-te {
base tunnel-type;
description
"Segment Routing Traffic Engineering tunnel.";
}
identity sr-policy {
base tunnel-type;
description
"Segment Routing policy.";
}
identity detnet {
base tunnel-type;
description
"Deterministic Networking tunnel.";
}
identity ipsec {
base tunnel-type;
description
"IPsec tunnel.";
}
identity realization-status {
description
"Base identity for realization status values.";
}
identity configuring {
base realization-status;
description
"Tunnel realization is being configured.";
}
identity active {
base realization-status;
description
"Tunnel realization is active and operational.";
}
identity failed {
base realization-status;
description
"Tunnel realization has failed.";
}
identity completed {
base realization-status;
description
"Tunnel realization has completed successfully.";
}
identity terminated {
base realization-status;
description
"Tunnel realization has been terminated.";
}
identity admission-status {
description
"Base identity for admission status values.";
}
identity pending {
base admission-status;
description
"Admission decision is pending.";
}
identity accepted {
base admission-status;
description
"Service intent accepted as requested.";
}
identity modified {
base admission-status;
description
"Service intent accepted with modifications.";
}
identity rejected {
base admission-status;
description
"Service intent rejected.";
}
identity protection-type {
description
"Base identity for protection types.";
}
identity none {
base protection-type;
description
"No protection.";
}
identity path-protection {
base protection-type;
description
"Path protection.";
}
identity node-protection {
base protection-type;
description
"Node protection.";
}
identity link-protection {
base protection-type;
description
"Link protection.";
}
identity preemption-policy {
description
"Base identity for preemption policies.";
}
identity preemptible {
base preemption-policy;
description
"Tunnel can be preempted.";
}
identity non-preemptible {
base preemption-policy;
description
"Tunnel cannot be preempted.";
}
identity conditionally-preemptible {
base preemption-policy;
description
"Tunnel can be preempted under certain conditions.";
}
identity rate-unit {
description
"Base identity for rate units.";
}
identity bps {
base rate-unit;
description
"Bits per second.";
}
identity kbps {
base rate-unit;
description
"Kilobits per second.";
}
identity mbps {
base rate-unit;
description
"Megabits per second.";
}
identity gbps {
base rate-unit;
description
"Gigabits per second.";
}
/*
* Groupings
*/
grouping workload-reference-grouping {
description
"Workload reference for correlating with service intent.";
leaf workload-id {
type string;
description
"Reference to workload identifier from service intent.";
}
leaf job-id {
type string;
description
"Reference to job identifier from service intent.";
}
leaf correlation-id {
type string;
description
"Correlation identifier for cross-system tracing.";
}
}
grouping admission-grouping {
description
"Admission control state and decision.";
leaf admission-status {
type identityref {
base admission-status;
}
description
"Admission status of the service intent.";
}
leaf decision-time {
type yang:date-and-time;
description
"Time when the admission decision was made.";
}
leaf reason {
type string;
description
"Reason for the admission decision.";
}
}
grouping rate-policy-grouping {
description
"Rate policy for the tunnel.";
leaf min-rate {
type uint64;
description
"Minimum guaranteed rate.";
}
leaf max-rate {
type uint64;
description
"Maximum allowed rate.";
}
leaf fixed-rate {
type uint64;
description
"Fixed committed rate.";
}
leaf rate-unit {
type identityref {
base rate-unit;
}
description
"Unit for rate values.";
}
}
grouping admission-control-policy-grouping {
description
"Admission control policy.";
leaf enable {
type boolean;
description
"Whether admission control is enabled.";
}
}
grouping tunnel-policy-grouping {
description
"Tunnel policy configuration.";
container rate-policy {
description
"Rate policy for the tunnel.";
uses rate-policy-grouping;
}
container admission-control-policy {
description
"Admission control policy.";
uses admission-control-policy-grouping;
}
leaf preemption-policy {
type identityref {
base preemption-policy;
}
description
"Preemption policy for the tunnel.";
}
}
grouping tunnel-lifecycle-grouping {
description
"Tunnel lifecycle timing information.";
leaf requested-start-time {
type yang:date-and-time;
description
"Requested start time from service intent.";
}
leaf admitted-start-time {
type yang:date-and-time;
description
"Admitted start time after admission control.";
}
leaf admitted-end-time {
type yang:date-and-time;
description
"Admitted end time for the tunnel.";
}
leaf activation-time {
type yang:date-and-time;
description
"Time when the tunnel was activated.";
}
leaf completion-time {
type yang:date-and-time;
description
"Time when the tunnel completed successfully.";
}
}
grouping tunnel-path-grouping {
description
"Tunnel path and endpoint information.";
leaf-list path-ref {
type string;
description
"References to TE paths or LSPs realizing this tunnel.";
}
container terminals {
description
"Terminal endpoints of the tunnel.";
leaf source-endpoint {
type string;
description
"Source endpoint identifier.";
}
leaf destination-endpoint {
type string;
description
"Destination endpoint identifier.";
}
leaf-list endpoint-group-ref {
type string;
description
"References to endpoint groups from service intent.";
}
}
}
grouping tunnel-protection-grouping {
description
"Tunnel protection configuration.";
leaf protection-type {
type identityref {
base protection-type;
}
description
"Type of protection for the tunnel.";
}
leaf restoration-priority {
type uint32;
description
"Restoration priority for the tunnel.";
}
}
grouping tunnel-resource-grouping {
description
"Tunnel resource allocation.";
leaf bandwidth {
type uint64;
description
"Allocated bandwidth for the tunnel.";
}
leaf buffer {
type uint64;
description
"Allocated buffer space for the tunnel.";
}
leaf queue {
type string;
description
"Queue identifier for the tunnel traffic.";
}
leaf time-slot {
type string;
description
"Time slot allocation for time-aware scheduling.";
}
leaf compute-affinity {
type string;
description
"Compute affinity or placement constraints.";
}
}
grouping performance-metrics-grouping {
description
"Performance monitoring metrics.";
leaf measured-throughput {
type uint64;
description
"Measured throughput of the tunnel.";
}
leaf measured-latency {
type uint32;
description
"Measured latency of the tunnel.";
}
leaf measured-loss {
type decimal64 {
fraction-digits 6;
}
description
"Measured packet loss rate.";
}
leaf last-updated {
type yang:date-and-time;
description
"Time when metrics were last updated.";
}
}
grouping performance-monitor-grouping {
description
"Performance monitoring container.";
container metrics {
description
"Performance metrics for the tunnel.";
uses performance-metrics-grouping;
}
}
/*
* Augment to TE tunnel model
*/
augment "/te:te/te:tunnels/te:tunnel" {
description
"Augment TE tunnel with HPC/AI realization information.";
container hpc-tunnel-realization {
description
"HPC/AI tunnel realization information.";
leaf realization-id {
type string;
description
"Unique identifier for this tunnel realization instance.";
}
leaf intent-ref {
type leafref {
path "/hpc-service:hpc-service-intent/hpc-service:intent/hpc-service:intent-id";
}
description
"Reference to the service intent instance being realized.";
}
container workload-ref {
description
"Reference to workload metadata from service intent.";
uses workload-reference-grouping;
}
leaf tunnel-type {
type identityref {
base tunnel-type;
}
description
"Type of tunnel used for realization.";
}
leaf realization-status {
type identityref {
base realization-status;
}
description
"Current status of the tunnel realization.";
}
container admission {
description
"Admission control state and decision.";
uses admission-grouping;
}
container tunnel-policy {
description
"Tunnel policy configuration.";
uses tunnel-policy-grouping;
}
container tunnel-lifecycle {
description
"Tunnel lifecycle timing information.";
uses tunnel-lifecycle-grouping;
}
container tunnel-path {
description
"Tunnel path and endpoint information.";
uses tunnel-path-grouping;
}
container tunnel-protection {
description
"Tunnel protection configuration.";
uses tunnel-protection-grouping;
}
container tunnel-resource {
description
"Tunnel resource allocation.";
uses tunnel-resource-grouping;
}
container performance-monitor {
config false;
description
"Performance monitoring information (read-only).";
uses performance-monitor-grouping;
}
}
}
/*
* Notifications
*/
notification tunnel-realization-status-change {
description
"Notification sent when tunnel realization status changes.";
leaf realization-id {
type leafref {
path "/te:te/te:tunnels/te:tunnel/hpc-tunnel-realization:hpc-tunnel-realization/hpc-tunnel-realization:realization-id";
}
description
"Identifier of the tunnel realization instance.";
}
leaf intent-ref {
type leafref {
path "/te:te/te:tunnels/te:tunnel/hpc-tunnel-realization:hpc-tunnel-realization/hpc-tunnel-realization:intent-ref";
}
description
"Reference to the associated service intent.";
}
leaf old-status {
type identityref {
base realization-status;
}
description
"Previous status of the tunnel realization.";
}
leaf new-status {
type identityref {
base realization-status;
}
description
"New status of the tunnel realization.";
}
leaf change-time {
type yang:date-and-time;
description
"Time when the status change occurred.";
}
leaf reason {
type string;
description
"Reason for the status change.";
}
}
notification tunnel-performance-threshold-breached {
description
"Notification sent when tunnel performance breaches threshold.";
leaf realization-id {
type leafref {
path "/te:te/te:tunnels/te:tunnel/hpc-tunnel-realization:hpc-tunnel-realization/hpc-tunnel-realization:realization-id";
}
description
"Identifier of the tunnel realization instance.";
}
leaf metric {
type enumeration {
enum throughput {
description "Throughput metric.";
}
enum latency {
description "Latency metric.";
}
enum loss {
description "Loss metric.";
}
}
description
"Performance metric that breached threshold.";
}
leaf measured-value {
type uint64;
description
"Measured value that breached the threshold.";
}
leaf threshold-value {
type uint64;
description
"Threshold value that was breached.";
}
leaf breach-time {
type yang:date-and-time;
description
"Time when the threshold was breached.";
}
}
}
¶
Tunnel realization state can reveal network topology, resource allocation, service timing, endpoint information, and operational performance. Implementations need to restrict access to authorized entities and protect management exchanges using authentication, authorization, and transport protection. Write access to realization state needs to be controlled to prevent unauthorized resource consumption or disruption of admitted workload services.¶
IANA is requested to register one URI in the "IETF XML Registry" [RFC3688]. Following the format in [RFC3688], the following registration is requested:¶
URI: urn:ietf:params:xml:ns:yang:ietf-hpc-tunnel-realization Registrant Contact: The IESG. XML: N/A; the requested URI is an XML namespace.¶
IANA is requested to register the following YANG module in the "YANG Module Names" registry [RFC6020].¶
name: ietf-hpc-tunnel-realization namespace: urn:ietf:params:xml:ns:yang:ietf-hpc-tunnel-realization prefix: hpc-tunnel reference: RFC XXXX¶
The authors acknowledge the related HP-WAN framework and problem statement work that provides the broader context for this tunnel realization model.¶
Example tunnel realization for the admitted AI training service intent:¶
"ietf-hpc-tunnel-realization:hpc-tunnel-realization": {
"realization-id": "tunnel-realization-001",
"intent-ref": "ai-training-job-2026-001",
"workload-ref": {
"workload-id": "distributed-training-001",
"job-id": "job-2026-04-23-001",
"correlation-id": "corr-ai-training-001"
},
"tunnel-type": "mpls-te",
"realization-status": "active",
"admission": {
"admission-status": "accepted",
"decision-time": "2026-04-23T09:50:00Z",
"reason": "Resources allocated as requested"
},
"tunnel-policy": {
"rate-policy": {
"min-rate": 100000000000,
"max-rate": 400000000000,
"fixed-rate": 200000000000,
"rate-unit": "bps"
},
"admission-control-policy": {
"enable": true
},
"preemption-policy": "non-preemptible"
},
"tunnel-lifecycle": {
"requested-start-time": "2026-04-23T10:00:00Z",
"admitted-start-time": "2026-04-23T10:00:00Z",
"admitted-end-time": "2026-04-23T12:00:00Z",
"activation-time": "2026-04-23T09:55:00Z"
},
"tunnel-path": {
"path-ref": [
"te-tunnel-dc-west-to-dc-east-001"
],
"terminals": {
"source-endpoint": "192.0.2.10",
"destination-endpoint": "198.51.100.20",
"endpoint-group-ref": [
"worker-nodes"
]
}
},
"tunnel-protection": {
"protection-type": "path-protection",
"restoration-priority": 50
},
"tunnel-resource": {
"bandwidth": 200000000000,
"buffer": 10000000,
"queue": "high-priority-queue",
"time-slot": "2026-04-23T10:00:00Z/2026-04-23T12:00:00Z"
},
"performance-monitor": {
"metrics": {
"measured-throughput": 195000000000,
"measured-latency": 4,
"measured-loss": 0.00005,
"last-updated": "2026-04-23T10:15:00Z"
}
}
}
}
¶