You Don’t Need a CCIE to Build a Network—Until You Do
Keith Townsend
Founder & Executive Strategist | Advisor to CIOs, CTOs & the Vendors Who Serve Them
Florian Berchtold told isn’t a network engineer. He’s a Principal Engineer for Developer Productivity at Zipline—a drone logistics company. Yet he recently built a 60-node, multi-rack, spine-leaf on-prem network, without touching a CLI.
https://www.youtube.com/watch?v=JUsrufXxMfI
No, this isn’t a science project. It’s a working production setup built with Hedgehog, a Kubernetes-native platform for declarative networking.
Florian wrote YAML. The system handled BGP, route leaking, and fabric config under the hood.
That’s the promise of cloud-native abstractions meeting physical infrastructure.
But let’s not get ahead of ourselves.
🧱 The Floor Has Dropped, but the Ceiling Remains
Hedgehog and similar tools lower the barrier to deploying functional, high-performance on-prem networks—especially for developer-driven orgs.
They offer:
Kubernetes CRDs to define topologies and VPCs
Self-service for internal teams
Zero-touch provisioning and lifecycle automation
You don’t need to be a CCIE to describe what you want.
But as complexity grows—multi-tenant, multi-site, high-speed fabrics, deterministic routing—you hit a point where abstractions alone aren’t enough.
That’s when you stop needing a network consumer and start needing a network platform engineer.
⚠️ Complexity Doesn’t Disappear—It Repositions
When your stack includes:
AI training clusters with RDMA
Sovereign cloud boundaries
Disjoint IP domains
Layer 3 overlays
Route isolation and peering policy
…someone needs to know how those YAML declarations translate into real-world packet flow.
That person doesn’t need to do the config manually. But they do need to define the architecture that makes the whole thing safe and scalable.
👨🔧 The Platform Engineer: From Gatekeeper to Enabler
The real innovation here isn’t “no more network engineers.”
It’s turning network engineering into a platform:
Guardrails, not gates
APIs, not ticket queues
Config-as-code, not config-by-console
The platform team builds a reusable, secure abstraction. Developers deploy infrastructure like they would in the cloud. Everyone wins.
This is how complexity is managed in modern environments:
Don’t eliminate complexity. Encapsulate it.
🧠 Final Thought: Expertise Still Matters—Just at a Higher Layer
Florian didn’t need to know BGP or VXLAN. But someone designed a system where he didn’t have to.
You don’t need a CCIE to build a network—until you do.
And when you do, it’s not to provision a switch. It’s to build a platform that others can safely consume.
Tech Marketing @Hedgehog - M.Sc, Kubestronaut, CCIE 9961 Emeritus, VCIX, CISSP
1wAs a CCIE, I know that network changes require careful engineering - one config mistake can cascade across the entire fabric. That meticulous approach worked when change was infrequent. But modern infrastructure demands dynamic orchestration. Containers and hypervisors proved that network solutions can sync perfectly with application stacks in real-time. Yet physical networks remained static outsiders, patched over with Linux networking solutions. AI workloads have made this critical: we need physical networks that integrate dynamically with automated cloud infrastructure. Self-service provisioning with complex ACLs, QoS, and multi-tenant configs deployed algorithmically in milliseconds - no human can validate distributed access changes at that speed. The question isn't whether you're skilled enough. It's whether networks will join the dynamic stack delivering instant provisioning, or remain the bottleneck that can't keep up. Hedgehog hasn't reduced my need for deep network knowledge - it's freed me to focus on architecture and deliver solutions that were impossible with traditional approaches.
Great insights on the importance of human connection in networking. A well-crafted strategy truly makes a difference in productivity.
GPU Connective Tissue
1moGreat coverage Keith. I couldn’t have said it better.