Right, I found the reason: ``` 2024-04-22 04:05:59.569 <ERR> KRT: Received route 10.240.2.0/24 with strange next-hop 10.50.0.1 2024-04-22 04:05:59.569 <ERR> KRT: Received route 10.240.224.2/32 with strange next-hop 10.50.0.1 ``` it happens because there is no "explicit" route to the next hop but the "device route". And in the current version of the OS I'm running `bird 2.15` that support specifying both next hop and device is not available yet. So I will be doomed to run it like that for another couple years. Would it not hurt otherwise to run it? (assuming I can live with sub optimal `! (100/?)` output). Thank you! On Mon, 22 Apr 2024 at 14:47, Ivan Kurnosov <zerkms@zerkms.com> wrote:

Hi team,

can somebody please help interpret the following output:

``` 10.50.0.1/32 unicast [static1 02:16:07.523] * (200) dev xfrm-40 10.240.224.2/32 unicast [hq 02:27:17.417] ! (100/?) [AS65020i] via 10.50.0.1 on xfrm-40 10.240.2.0/24 unicast [hq 02:27:17.417] ! (100/?) [AS65020i] via 10.50.0.1 on xfrm-40 ```

The current (birdc) machine establishes an ipsec tunnel and 10.50.0.1 is a firewall on the other side of the ipsec tunnel.

And kernel routes look like

``` 10.50.0.1 dev xfrm-40 proto bird scope link src 10.80.1.76 metric 32 10.240.2.0/24 via 10.50.0.1 dev xfrm-40 proto bird metric 32 10.240.224.2 via 10.50.0.1 dev xfrm-40 proto bird metric 32 ```

So, technically all works: packets flow as expected. It's only the `!` exclamation mark and `(100/?)` question mark that I cannot interpret.

Is it something I should worry about?

-- With best regards, Ivan Kurnosov

-- With best regards, Ivan Kurnosov