network-Architecture

Phase 1: SD-WAN Transformation & Traffic Engineering. I architected the transition from a rigid MPLS backbone to an agile SD-WAN overlay. This involved deep traffic analysis to define Quality of Service (QoS) classes and routing policies. I configured complex BGP peering relationships (iBGP/eBGP) with route reflectors to optimize path selection and minimize latency. The design included automated failover mechanisms, ensuring business continuity even during multiple link failures.

Phase 2: Data Center Virtualization & Automation. Leveraging VXLAN with BGP EVPN, I implemented a scalable leaf-spine fabric that enabled seamless Layer 2 extension across data centers. To eliminate configuration drift, I utilized Ansible and Python scripts for Infrastructure as Code (IaC) deployment. I also enforced strict Network Hardening standards (802.1X, ACLs, Control Plane Policing) to secure the management plane and prevent unauthorized access.