Weave Net Built a Virtual Network for Containers. The Protocol Carries No Semantic Authority.
by Nick Clark | Published March 28, 2026
Weave Net pioneered simple container networking by creating virtual overlay networks with automatic mesh topology, encrypted inter-host communication, and built-in DNS-based service discovery. Containers across hosts could communicate as if on the same network without complex configuration. The connectivity model is elegant. But Weave Net's protocol creates network connectivity without embedding trust scope, governance authority, or semantic routing policy in the traffic itself. The overlay provides a virtual network. It does not provide governed communication. The gap is between automatic connectivity and protocol semantics where authority is intrinsic to the content.
Weave Net's approach to simplifying container networking, especially in the early Docker era, made multi-host container communication accessible. The automatic mesh, fast datapath, and WeaveDNS were practical innovations. The gap described here is about protocol semantics, not about overlay networking design.
Connectivity without content awareness
Weave Net encapsulates packets in its overlay protocol (VXLAN or its own sleeve protocol) for transport between hosts. The encapsulation provides virtual network addressing and optional encryption. But the encapsulation is a transport function. The protocol does not inspect, interpret, or act on the content it carries based on semantic properties.
A container sending a high-trust governance command and a container sending low-priority telemetry produce packets that the overlay treats identically. The protocol routes based on destination address, not based on the content's governance requirements.
Network policy as an add-on, not a protocol property
Weave Net supports Kubernetes network policies through its policy controller. Policies define which pods can communicate. But policies are applied to the overlay traffic from outside; the traffic itself carries no policy information. Network policies reference Kubernetes labels and namespaces, not protocol-level governance fields.
The traffic is policy-unaware. The enforcement system is policy-aware. This separation means policy decisions depend on correlating network identifiers with external metadata rather than inspecting governance fields intrinsic to the content.
What memory-native protocol semantics provide
A memory-native protocol would embed governance authority in the overlay protocol itself. Each encapsulated packet would carry trust scope, routing policy, and governance constraints as protocol fields. The overlay network would route and enforce based on these intrinsic fields rather than correlating with external Kubernetes metadata.
The automatic mesh topology that Weave Net pioneered could serve as the connectivity layer for memory-native protocol communication. The governed protocol above would ensure that connectivity comes with governance, not as separate concerns.
The remaining gap
Weave Net made container networking automatic and accessible. The remaining gap is in the protocol layer: whether the overlay network can carry governance semantics intrinsically rather than depending on external policy systems to govern the traffic it connects.
