Jeffrey Wilson
Network Architect & Automation Engineer
BGP Operations & Incident Response
Diagnosed campus-wide CDN loss as an inbound traffic-steering prefix leak overnight, obtained external corroboration from a Google network engineer before 8am, and restored service via peer shutdown within minutes. Followed with RPKI/ROA registration and a permanent BGP advertisement redesign that eliminates the leak vector class. Multihomed ISP policy, RTBH, uRPF, and carrier WAN boundary design across a 20-year arc.
Network Automation
Built production automation across the full threat response lifecycle — RTBH blackhole injection via iBGP, email parsing, and Quagga CLI wrapping — replacing a multi-step approval workflow with a single-operator paste operation. Authored a TextFSM template corpus against five OS families with preflight coverage reporting and per-site gap analysis. Splunk, Palo Alto, CA Spectrum, and DHCP telemetry pipelines built in Perl and Python; homegrown NMS/IPAM validated by commercial replacement on departure.
Campus Fabric Architecture
Enforced NNI-only core boundary on the 2024 campus overhaul against organizational pushback — held design position through completion on the basis that collapsing edge ports onto core merges failure domains and destroys deterministic troubleshooting. Guided distribution-layer VRF design and provided architectural clarity on isolated FIB sharing a common SPBM backbone. Designed the LEARN provider boundary (2013) still in operation at departure: MPLS R&E, Internet2, commodity internet, and L2 transport on a single 2x10G port-channel.
Cross-Domain Authority
Owned the baylor.edu identity and HTTP architecture for 15 years — Palo NAT, F5 iRules, DNS, and SSL SAN cert stack — across four teams with no organizational mandate over any of them. Execution ran on reputation and trust; architecture scaled from 16K to 20K students and 1G to 2x10G ISP handoff without redesign. Designed an authenticating gateway from a NASA whitepaper and a spare workstation; operational footprint led to a CIO-intervened transfer into networking without a formal interview.
Observability
Built a multi-source Grafana stack at zero budget and own initiative: Statseeker, Palo Alto HA pair session counts, DHCP pool utilization, and CA Spectrum asset data — all correlated in InfluxDB via custom Perl pipelines. Session count color-coding detected unexpected HA failover events five to six times over five years. DHCP pool alerting triggered wireless admin rebalancing workflow before client impact.
Overlay Networking
Network architecture advisor on NSX-v deployment and subsequent NSX-T transformation; SME for VXLAN-to-Geneve encapsulation migration and underlay implications. Currently leading brownfield discovery and design-artifact generation for a multi-state hospital fabric upgrade targeting Cisco replacement — identified root cause of a production outage at the SPBM/Cisco boundary before either vendor team did.
Selected Writing
-
460 Devices, No Documentation, and the Pipeline That Changed That
The engagement had 460 managed devices and no current topology documentation. The Cisco design team needed three structured deliverables before they could move: device inventory, physical topology graph, VLAN/service map. Manual spreadsheet work would have taken weeks and produced a point-in-time artifact no one could re-run. I built the pipeline instead. The engagement was a…
-
1500 != 1500: MTU, OSPF EXSTART, and a 14-Byte Blind Spot
What OSPF is actually doing when it stalls in EXSTART, why MTU is the non-obvious suspect, and what to check first when you hit it.
-
When the Fix Becomes the Failure: ECMP, Zone Protection, and a 64KB Ceiling
Three ECMP firewall cutovers went cleanly. The fourth … did not, and it was the highest-profile pair in the sequence, sitting at the datacenter boundary. The short version: a zone protection profile applied proactively across all four ECMP pairs contained an MSS clamp that went unreviewed (and undetected) through three clean rollouts. The fourth pair…