Jeffrey Wilson
Network Architect & Automation Engineer
BGP Operations & Incident Response
Diagnosed campus-wide CDN loss as an inbound traffic-steering prefix leak overnight, obtained external corroboration from a Google network engineer before 8am, and restored service via peer shutdown within minutes. Followed with RPKI/ROA registration and a permanent BGP advertisement redesign that eliminates the leak vector class. Multihomed ISP policy, RTBH, uRPF, and carrier WAN boundary design across a 20-year arc.
Network Automation
Built production automation across the full threat response lifecycle — RTBH blackhole injection via iBGP, email parsing, and Quagga CLI wrapping — replacing a multi-step approval workflow with a single-operator paste operation. Authored a TextFSM template corpus against five OS families with preflight coverage reporting and per-site gap analysis. Splunk, Palo Alto, CA Spectrum, and DHCP telemetry pipelines built in Perl and Python; homegrown NMS/IPAM validated by commercial replacement on departure.
Campus Fabric Architecture
Enforced NNI-only core boundary on the 2024 campus overhaul against organizational pushback — held design position through completion on the basis that collapsing edge ports onto core merges failure domains and destroys deterministic troubleshooting. Guided distribution-layer VRF design and provided architectural clarity on isolated FIB sharing a common SPBM backbone. Designed the LEARN provider boundary (2013) still in operation at departure: MPLS R&E, Internet2, commodity internet, and L2 transport on a single 2x10G port-channel.
Cross-Domain Authority
Owned the baylor.edu identity and HTTP architecture for 15 years — Palo NAT, F5 iRules, DNS, and SSL SAN cert stack — across four teams with no organizational mandate over any of them. Execution ran on reputation and trust; architecture scaled from 16K to 20K students and 1G to 2x10G ISP handoff without redesign. Designed an authenticating gateway from a NASA whitepaper and a spare workstation; operational footprint led to a CIO-intervened transfer into networking without a formal interview.
Observability
Built a multi-source Grafana stack at zero budget and own initiative: Statseeker, Palo Alto HA pair session counts, DHCP pool utilization, and CA Spectrum asset data — all correlated in InfluxDB via custom Perl pipelines. Session count color-coding detected unexpected HA failover events five to six times over five years. DHCP pool alerting triggered wireless admin rebalancing workflow before client impact.
Overlay Networking
Network architecture advisor on NSX-v deployment and subsequent NSX-T transformation; SME for VXLAN-to-Geneve encapsulation migration and underlay implications. Currently leading brownfield discovery and design-artifact generation for a multi-state hospital fabric upgrade targeting Cisco replacement — identified root cause of a production outage at the SPBM/Cisco boundary before either vendor team did.
Selected Writing
-
When the Fix Becomes the Failure: ECMP, Zone Protection, and a 64KB Ceiling
Three ECMP firewall cutovers went cleanly. The fourth — the highest-profile pair in the sequence, sitting at the datacenter boundary — did not. If you read the LinkedIn post, you know the outcome: a vendor-recommended zone protection profile silently clamped MSS to 64KB on every new TCP connection established after the change, throttling throughput campus-wide…
-
BGP Prefix Leak, RPKI, and the Cold Email That Confirmed It
A BGP route leak at an Internet2 customer site propagated more-specific prefixes into the global table, causing every major CDN to black-hole return traffic to an entire campus network. Diagnosing it required a cold email to a Google network engineer at 8:40am. This is the full story: the triage, the root cause, and the architectural…