diff --git a/internal/mode/static/state/graph/gateway_listener.go b/internal/mode/static/state/graph/gateway_listener.go
index 94bceac2da..f1f4e6bd9f 100644
--- a/internal/mode/static/state/graph/gateway_listener.go
+++ b/internal/mode/static/state/graph/gateway_listener.go
@@ -225,12 +225,15 @@ func validateListenerHostname(listener v1.Listener) (conds []conditions.Conditio
 	return nil, true
 }
 
+// getAndValidateListenerSupportedKinds validates the route kind and returns the supported kinds for the listener.
+// The supported kinds are determined based on the listener's allowedRoutes field.
+// If the listener does not specify allowedRoutes, listener determines allowed routes based on its protocol.
 func getAndValidateListenerSupportedKinds(listener v1.Listener) (
 	[]conditions.Condition,
 	[]v1.RouteGroupKind,
 ) {
 	var conds []conditions.Condition
-	supportedKinds := make([]v1.RouteGroupKind, 0)
+	var supportedKinds []v1.RouteGroupKind
 
 	validRouteKind := func(kind v1.RouteGroupKind) bool {
 		if kind.Kind != v1.Kind(kinds.HTTPRoute) && kind.Kind != v1.Kind(kinds.GRPCRoute) {
@@ -243,6 +246,7 @@ func getAndValidateListenerSupportedKinds(listener v1.Listener) (
 	}
 
 	if listener.AllowedRoutes != nil && listener.AllowedRoutes.Kinds != nil {
+		supportedKinds = make([]v1.RouteGroupKind, 0, len(listener.AllowedRoutes.Kinds))
 		for _, kind := range listener.AllowedRoutes.Kinds {
 			if !validRouteKind(kind) {
 				msg := fmt.Sprintf("Unsupported route kind \"%s/%s\"", *kind.Group, kind.Kind)
diff --git a/internal/mode/static/state/graph/gateway_listener_test.go b/internal/mode/static/state/graph/gateway_listener_test.go
index 534c1eeeda..d60ad7321b 100644
--- a/internal/mode/static/state/graph/gateway_listener_test.go
+++ b/internal/mode/static/state/graph/gateway_listener_test.go
@@ -314,7 +314,7 @@ func TestGetAndValidateListenerSupportedKinds(t *testing.T) {
 			protocol:  v1.TCPProtocolType,
 			expectErr: false,
 			name:      "unsupported protocol is ignored",
-			expected:  []v1.RouteGroupKind{},
+			expected:  nil,
 		},
 		{
 			protocol: v1.HTTPProtocolType,
diff --git a/internal/mode/static/state/graph/gateway_test.go b/internal/mode/static/state/graph/gateway_test.go
index 1d58cff1e6..b942c4470f 100644
--- a/internal/mode/static/state/graph/gateway_test.go
+++ b/internal/mode/static/state/graph/gateway_test.go
@@ -543,8 +543,7 @@ func TestBuildGateway(t *testing.T) {
 						Conditions: staticConds.NewListenerUnsupportedProtocol(
 							`protocol: Unsupported value: "TCP": supported values: "HTTP", "HTTPS"`,
 						),
-						Routes:         map[RouteKey]*L7Route{},
-						SupportedKinds: []v1.RouteGroupKind{},
+						Routes: map[RouteKey]*L7Route{},
 					},
 				},
 				Valid: true,
diff --git a/internal/mode/static/state/graph/route_common.go b/internal/mode/static/state/graph/route_common.go
index 20ca4682fc..f8fedd50d0 100644
--- a/internal/mode/static/state/graph/route_common.go
+++ b/internal/mode/static/state/graph/route_common.go
@@ -535,8 +535,6 @@ func isRouteNamespaceAllowedByListener(
 }
 
 // isRouteKindAllowedByListener checks if the route is allowed to attach to the listener.
-// If the listener specifies allowed kinds, the route kind must be in the list.
-// If the listener does not specify allowedRoutes, allowed routes are determined using the listener protocol.
 func isRouteTypeAllowedByListener(listener *Listener, routeType RouteType) bool {
 	for _, kind := range listener.SupportedKinds {
 		if kind.Kind == convertRouteType(routeType) {
@@ -553,7 +551,7 @@ func convertRouteType(routeType RouteType) v1.Kind {
 	case RouteTypeGRPC:
 		return kinds.GRPCRoute
 	default:
-		return ""
+		panic(fmt.Sprintf("unsupported route type: %s", routeType))
 	}
 }
 
diff --git a/internal/mode/static/state/graph/route_common_test.go b/internal/mode/static/state/graph/route_common_test.go
index ceb150ffeb..36b32318a5 100644
--- a/internal/mode/static/state/graph/route_common_test.go
+++ b/internal/mode/static/state/graph/route_common_test.go
@@ -1743,7 +1743,7 @@ func TestAllowedRouteType(t *testing.T) {
 		expResult bool
 	}{
 		{
-			name:      "grpcRoute attaches to listener with allowedRoutes set to grpcRoute",
+			name:      "grpcRoute is allowed when listener supports grpcRoute kind",
 			routeType: RouteTypeGRPC,
 			listener: &Listener{
 				SupportedKinds: []gatewayv1.RouteGroupKind{
@@ -1753,7 +1753,7 @@ func TestAllowedRouteType(t *testing.T) {
 			expResult: true,
 		},
 		{
-			name:      "grpcRoute attaches to listener with allowedRoutes set to grpcRoute and httpRoute",
+			name:      "grpcRoute is allowed when listener supports grpcRoute and httpRoute kind",
 			routeType: RouteTypeGRPC,
 			listener: &Listener{
 				SupportedKinds: []gatewayv1.RouteGroupKind{
@@ -1764,7 +1764,7 @@ func TestAllowedRouteType(t *testing.T) {
 			expResult: true,
 		},
 		{
-			name:      "grpcRoute not allowed to attach to listener with allowedRoutes set to httpRoute",
+			name:      "grpcRoute is allowed when listener supports httpRoute kind",
 			routeType: RouteTypeGRPC,
 			listener: &Listener{
 				SupportedKinds: []gatewayv1.RouteGroupKind{
@@ -1774,7 +1774,7 @@ func TestAllowedRouteType(t *testing.T) {
 			expResult: false,
 		},
 		{
-			name:      "httpRoute not allowed to attach to listener with allowedRoutes set to grpcRoute",
+			name:      "httpRoute not allowed when listener supports grpcRoute kind",
 			routeType: RouteTypeHTTP,
 			listener: &Listener{
 				SupportedKinds: []gatewayv1.RouteGroupKind{