diff --git a/proto/bgp/packets.c b/proto/bgp/packets.c
index 26716573..b7cca08b 100644
--- a/proto/bgp/packets.c
+++ b/proto/bgp/packets.c
@@ -774,10 +774,10 @@ bgp_rx_open(struct bgp_conn *conn, byte *pkt, uint len)
 #define WITHDRAW(msg, args...) \
   ({ REPORT(msg, ## args); s->err_withdraw = 1; return; })
 
-#define BAD_AFI		"Unexpected AF <%u/%u> in UPDATE"
-#define BAD_NEXT_HOP	"Invalid NEXT_HOP attribute"
-#define NO_NEXT_HOP	"Missing NEXT_HOP attribute"
-#define NO_LABEL_STACK	"Missing MPLS stack"
+#define BAD_AFI		"Unexpected AF <%u/%u> in UPDATE."
+#define BAD_NEXT_HOP	"Invalid NEXT_HOP attribute %I (%s)."
+#define NO_NEXT_HOP	"Missing NEXT_HOP attribute."
+#define NO_LABEL_STACK	"Missing MPLS stack."
 
 
 static void
@@ -797,7 +797,7 @@ bgp_apply_next_hop(struct bgp_parse_state *s, rta *a, ip_addr gw, ip_addr ll)
       nbr = neigh_find(&p->p, ll, p->neigh->iface, 0);
 
     if (!nbr || (nbr->scope == SCOPE_HOST))
-      WITHDRAW(BAD_NEXT_HOP);
+      WITHDRAW(BAD_NEXT_HOP, gw, "missing or local neighbor");
 
     a->dest = RTD_UNICAST;
     a->nh.gw = nbr->addr;
@@ -806,7 +806,7 @@ bgp_apply_next_hop(struct bgp_parse_state *s, rta *a, ip_addr gw, ip_addr ll)
   else /* GW_RECURSIVE */
   {
     if (ipa_zero(gw))
-      WITHDRAW(BAD_NEXT_HOP);
+      WITHDRAW(BAD_NEXT_HOP, gw, "zero address");
 
     rtable *tab = ipa_is_ip4(gw) ? c->igp_table_ip4 : c->igp_table_ip6;
     s->hostentry = rt_get_hostentry(tab, gw, ll, c->c.table);
@@ -967,16 +967,16 @@ bgp_update_next_hop_ip(struct bgp_export_state *s, eattr *a, ea_list **to)
 
   /* Forbid zero next hop */
   if (ipa_zero(nh[0]) && ((len != 32) || ipa_zero(nh[1])))
-    WITHDRAW(BAD_NEXT_HOP);
+    WITHDRAW(BAD_NEXT_HOP, nh[0], "zero address");
 
   /* Forbid next hop equal to neighbor IP */
   if (ipa_equal(peer, nh[0]) || ((len == 32) && ipa_equal(peer, nh[1])))
-    WITHDRAW(BAD_NEXT_HOP);
+    WITHDRAW(BAD_NEXT_HOP, nh[0], "equals neighbor address");
 
   /* Forbid next hop with non-matching AF */
   if ((ipa_is_ip4(nh[0]) != bgp_channel_is_ipv4(s->channel)) &&
       !s->channel->ext_next_hop)
-    WITHDRAW(BAD_NEXT_HOP);
+    WITHDRAW(BAD_NEXT_HOP, nh[0], "wrong address family");
 
   /* Just check if MPLS stack */
   if (s->mpls && !bgp_find_attr(*to, BA_MPLS_LABEL_STACK))
@@ -1048,7 +1048,7 @@ bgp_decode_next_hop_ip(struct bgp_parse_state *s, byte *data, uint len, rta *a)
     ad->length = 16;
 
   if ((bgp_channel_is_ipv4(c) != ipa_is_ip4(nh[0])) && !c->ext_next_hop)
-    WITHDRAW(BAD_NEXT_HOP);
+    WITHDRAW(BAD_NEXT_HOP, nh[0], "wrong address family");
 
   // XXXX validate next hop
 
@@ -1129,7 +1129,7 @@ bgp_decode_next_hop_vpn(struct bgp_parse_state *s, byte *data, uint len, rta *a)
     bgp_parse_error(s, 9);
 
   if ((bgp_channel_is_ipv4(c) != ipa_is_ip4(nh[0])) && !c->ext_next_hop)
-    WITHDRAW(BAD_NEXT_HOP);
+    WITHDRAW(BAD_NEXT_HOP, nh[0], "wrong address family");
 
   // XXXX validate next hop