| Internet-Draft | Agent,policy-aware,network | July 2026 |
| Zhang | Expires 2 January 2027 | [Page] |
With the widespread adoption of AI Agents, traditional network architectures can no longer meet the demand for efficient collaboration between agents and networks. This document proposes a new paradigm of "AI Agent Policy-Aware Network", enabling three key transformations: from Flow-aware to Agent-aware, from QoS-based to Policy-intent-based, and from Network-driven to Agent-network collaborative. By defining core components such as the Agent Policy-aware Controller and Agent Policy-Aware Device, this paradigm establishes a dynamic mapping mechanism between Agent intents and network policies, supporting key scenarios including autonomous performance measurement, path optimization, SLA assurance, and secure transmission. This document outlines the background, scenarios, use cases and requirements of Agent Policy-aware Network.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 2 January 2027.¶
Copyright (c) 2026 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
AI Agents are widely used in many industries. Traditional applications passively consume network resources without independent decision-making, while AI Agents act as autonomous decision-making intelligent entities that interact with networks to deliver customized policy intents and request differentiated network capabilities. The booming adoption of AI Agents brings stricter requirements for network service assurance. However, existing networks built on classic QoS, APN or ARN mechanisms cannot comprehend Agent semantic intents, leading to four major challenges: - AI Agents lack standardized ways to explicitly convey demands like low latency or high security to networks; - No bidirectional collaboration channel exists between Agents and networks, blocking end-to-end SLA guarantees; - Static resource allocation fails to fit Agents’ dynamic and bursty traffic characteristics; - Rigid fixed security policies cannot adapt to diverse cross-Agent communication requirements.¶
This document proposes the Agent Policy-Aware Network paradigm to resolve these issues, realizing three core network transformations: - From Flow-aware to Agent-aware: Networks identify traffic by intelligent agents rather than individual flows; - From QoS-based to Policy-intent-based: Networks interpret and execute Agents’ high-level business intents beyond basic bandwidth/latency metrics; - From Network-driven to Agent-network collaborative: Enable bidirectional information exchange and joint decision making. These shifts turn networks from passive responders into active collaborative partners for AI Agents. This draft specifies typical scenarios, use cases and corresponding requirements for Agent Policy-Aware Networks.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
Service Agent (SA): An autonomous intelligent entity capable of perceiving environmental information, making independent decisions, and executing tasks to achieve specific goals, which can interact with networks to express policy intents and obtain network resources and service guarantees.¶
AI Agent Policy-Aware Network: A network paradigm that can identify, understand, and execute the policy intents of AI Agents, realizing dynamic mapping between Agent intents and network policies, and supporting bidirectional collaborative decision-making between Agents and networks.¶
Agent Policy-Aware Controller (APAC): A core component responsible for parsing Agent policy intents, dynamically mapping them to network policies, and coordinating resource allocation and policy enforcement across the network.¶
Agent Policy-Aware Device (APAD): A network device that can receive and execute policies issued by the Agent Policy-aware Controller or Service Agent, supporting real-time policy adjustment and enforcement based on network status and Agent requirements.¶
When a home health agent detects an elderly person fainting, it needs to immediately initiate a medical rescue process. During the rescue, vital sign data (such as heart rate and blood pressure) must be transmitted to the hospital in real time through an exclusive low-latency channel to ensure the timeliness of medical decisions. At the same time, the channel must meet high security level requirements to prevent data leakage and strictly prohibit cross-domain transmission to comply with medical privacy regulations. The network system should dynamically create and maintain this channel without manual intervention to support efficient response within the "golden rescue time" and achieve seamless collaboration between the Agent and the network.¶
In real-time game battles, player Agents need to obtain low-latency and low-jitter network guarantees during highly dynamic operations such as team battles and skill casting. Agents should be able to independently negotiate path switching with network Agents, supporting "lossless switching" requirements to avoid lag, while dynamically adapting to changes in game load. Based on Agent policy intents (e.g., "skill casting"), the network needs to real-time optimize transmission paths to ensure smooth operation responses. The entire process requires no human intervention, reflecting the collaborative capability of Agent active decision-making and network dynamic response, and improving the real-time and immersion of the game experience.¶
Government departments need to securely transmit sensitive medical data (such as cross-provincial health records), requiring the network to automatically establish an ultra-high-security channel. The security level of the channel must be dynamically adapted based on the trust domain to which the Agent belongs (e.g., enabling group security mechanisms within the health system), avoiding manual configuration of whitelists or security policies. The network should be able to identify the identities of collaborating parties (such as digital agents of provincial health commissions and municipal medical insurance bureaus), and enable preconfigured security policies to ensure compliant and efficient data transmission. At the same time, the channel needs to support cross-domain collaboration but be strictly limited to authorized trust scopes to meet the rigid requirements of government data security and compliance.¶
+-----------------+
| APA Controller |
| Network Agent |
+-----------------+
/ |
/ / \
/-------- Global intent -------/ / \
/ Complicate policy / \
/ __/ \
/-----/---\ +------------+ / \ +------'------+
| Service | Local intent | APA Device |---------------| APA Device |
| Agent |--------------| Net Agent |\ /| |
\-------- / Real-time +------/-----+ \ / +-------/-----+
policy | \ / |
| \ / |
| _\/ |
| __/ \__ |
+------\-----+ __/ \_ +-------\-----+
| APA Device |/ \| APA Device |
| |----------------| |
+------\-----+ +-------------+
\ /
\ +----------+ /
\------| Cloud |-----/
+----------+
¶
The architecture of the Agent Policy-Aware Network comprises three core functional components: the Agent Policy-Aware Controller (APAC), the Agent Policy-Aware Device (APAD), and service Agents including Business Agent, Consumer Agent, and Home Agent.¶
AI Agents act not only as network endpoints but also as schedulers. They explicitly convey their intents and network assurance requirements, and autonomously select network paths or egress nodes accordingly.¶
From the network perspective, APAC and APAD collaborate to identify, interpret, decompose, and enforce the intents submitted by AI Agents. APAD is responsible for local intent processing, policy enforcement, and operational status monitoring to enable low-latency local responses. APAC performs global complex intent analysis, cross-domain resource orchestration, policy optimization, and closed-loop lifecycle management to deliver end-to-end global network planning.¶
This section illustrates some use cases for Agent Policy-aware Networks.¶
Service Agents have strict latency and jitter requirements for specific data flows (e.g., emergency rescue video streams), and need real-time end-to-end network quality perception to ensure business SLA compliance.¶
Agent Actions:¶
1.Collaborate with Measurement Agents on APAD, and issue structured measurement intents based on business SLA requirements (latency, jitter, packet loss, reliability).¶
2.Receive structured measurement results fed back by APAD upon task initialization, service handover or network quality degradation, and extract quantitative performance characteristics of business flows (total session traffic, packet length, traffic time-series patterns, etc.).¶
3.Predict traffic and security requirements based on measured performance characteristics, map business semantic actions to network traffic features, and output explicit QoS requirements (low latency, anti-jitter, bandwidth reservation, ultra-high security, etc.) to the network.¶
Network Actions:¶
1.Measurement Agents on APADs automatically select adaptive measurement protocols (e.g., in-band flow detection, TWAMP) according to Agent measurement intents.¶
2.APADs structure and feed back collected performance data to Service Agents in a standardized format.¶
3.Generate unique Agent policy-aware identifiers for business flows after receiving QoS requirements, and allocate dedicated network resources to implement differentiated quality guarantees.¶
When congestion or faults occur on the current transmission path, service SLAs may be degraded. The network should switch to a more optimal path without service interruption, enabling fault self-healing and experience self-optimization, thereby ensuring continuous service delivery.¶
Agent Actions:¶
Service Agents receive network feedback of quality degradation alarms, and issue a request for "path recalculation and switching" to the network in combination with service tolerance (e.g., "temporary interruption allowed" or "lossless switching mandatory").¶
Network Actions:¶
The Agent Policy-aware Controller (APAC) calculates an optimal set of schedulable paths that meet constraints based on real-time network topology and link status, confirms the switching strategy with Service Agents, and finally executes seamless path migration.¶
Schedulable Path Set Information Model: ‐Basic Identifier: Path ID / Path Group ID ‐Performance Attributes: Latency, jitter, packet loss, bandwidth, remaining bandwidth ‐O&M Attributes: Cost, priority, reliability, congestion probability ‐Constraint Attributes: Slicing support, cross-domain support, encryption support¶
Different types of traffic from Agents feature high dynamism, burstiness and periodicity (e.g., scheduled big data synchronization). The network needs to allocate exclusive resources such as bandwidth on demand to realize "tidal scheduling" of network resources, greatly improve resource utilization, and ensure deterministic experience for critical services.¶
Agent Actions:¶
Service Agents predict future traffic trends and send "resource reservation intents" (including time window, bandwidth peak, and duration) to the network.¶
Network Actions:¶
The Resource Agent of APAC evaluates the global network load: if resources are sufficient, it temporarily locks the corresponding bandwidth slice; if resources are tight, it negotiates a degradation scheme with the Agent or suggests adjusting the time window.¶
The Path Agent of APAC completes the full lifecycle management of bearer tunnels such as SRv6 Policy and network slicing, adjusting the level of SLA assurance and dismantling tunnels on demand.¶
For Agent collaboration requirements that transmit information in a specified sequence, SRv6 service function chain evolution technology is adopted to ensure the order and reliability of information transmission, meeting the timing requirements of collaborative tasks.¶
When Agents in different trust domains conduct data interaction, the network needs to dynamically match the corresponding security levels and encryption mechanisms to realize identity and context-based dynamic zero-trust security, ensuring that data only flows within authorized scopes.¶
Agent Actions:¶
The communicating Agents exchange identity credentials and trust domain attributes, and declare the required security levels (e.g., "national cryptographic algorithm encryption", "cross-domain isolation").¶
Network Actions:¶
The Network Security Agent parses the identities of both parties, automatically retrieves and matches preconfigured cross-domain mutual trust policies, and provides hierarchical security technologies on demand, including IPSec, QKD key distribution, and group secure transmission. The policies are automatically revoked after the session ends.¶
Complex service guarantee intents submitted by service agents in intelligent operations and real-time interactive scenarios cannot be fulfilled by a single agent alone. This use case defines mechanisms for an orchestration agent to decompose high-level service intents and coordinate home gateway sub-agents(for scenarios involving home agents), resource sub-agents, and routing sub-agents to perform joint optimization across access and backbone network, enabling end-to-end network guarantees via multi-agent collaboration.¶
Experience-aware agents or service agents generates structured service guarantee intents tagged with a globally unique task identifier, and forwards these intents to the orchestration agent. The orchestration agent parses service requirements and decomposes the composite task into three discrete subtasks: access scheduling, resource reservation, and path optimization. Each subtask is dispatched to the corresponding dedicated sub-agent.¶
The home gateway agent, resource agent, and routing agent submit their respective policy requests to the APAD through the APAC. In cases of resource shortage, cross-agent negotiation is mediated by the orchestration agent.¶
APAD correlates all relevant service flows under a unified task ID to support centralized task lifecycle management. Home gateway sub-agent:adjust forwarding priority for target service flows. Resource sub-agent:provision isolated bandwidth resources on demand. Routing sub-agent: dynamically re-route traffic onto optimal transmission paths.¶
APAC and APAD automatically releases all temporary scheduling resources once the task completes. Upon successful deployment of all subtask policies, the orchestration agent persists full collaborative task metadata to enable subsequent integration with metering and charging workflows.¶
Temporary workloads driven by autonomous agents consume heterogeneous network resources, creating a need for task-granular resource accounting and differentiated charging. This use case specifies how the network collects full resource metrics bound to task identifiers, exposes standardized metering data via defined interfaces to a charging agent, and facilitates tiered settlement based on task priority and execution complexity.¶
After all task policies are provisioned, the orchestration agent synchronizes structured task metadata to the charging agent, including the task ID, SLA tier, task lifetime, types of participating sub-agents, and allocated bandwidth and other network resources.¶
The APAD continuously collects per-task resource consumption metrics keyed by task ID, including bandwidth utilization, isolated tunnel occupancy, and link load statistics.¶
The APAD packages raw consumption metrics into standardized metering records and tags all metering records with the associated SLA tier to differentiate resource overhead incurred by services of varying priority levels. And the APAD exposes machine-readable interfaces for external consumption of metering data.¶
The charging agent continuously retrieves real-time metering statistics via the interfaces provided by the APAD.¶
Upon task termination, the charging agent aggregates full-lifecycle resource consumption metrics and generates tiered charging records following predefined pricing rules.¶
TBD.¶