Symptom
SXP connection between WLC and N7K keep on flapping while sending IP-SGT bindings from WLC to N7K
Conditions
Sending Ip-SGT binding from WLC to N7K
N7K has SGACL enforcement enabled with a few SGACL policies having "log" option and continuous traffic hitting the "log" enabled policies.
Workaround
Remove "log" option from the SGACL aces that will cause packets punted to SUP to avoid control plane timeouts.
Further Problem Description
The "log" option causes packets to be punted to SUP and could possibly cause timeouts in the control plane. In this SXP TCP data packets were getting affected leading to unstable TCP connectivity.
