Hi Andre',
STP dispute occurs when a switch detetcts that a neighbor switch does not react to superior BPDU's sent by it and keeps on sending inferior BPDU's on that link with designated role and learning bit on.
In order to avoid possible loops (the assumption is that the link to the neighbor switch is unidirectional) the switch puts that port in blocking state - dispute. This is the theory.
About your case I suppose that the central switch is supposdely the root bridge, or it should be, correct?
About the BPDU's handling from Me3800x perspective, what those switches should do, process the bpdu's locally or forward (tunnel) them?
According to the syntax you are using a post 15.1(2)EY IOS release as the 'l2protocol forward' command has been added from this image onwards (before only peer and tunnel options were available) to overcome and interoperability issue between 7600 and me3800x.
To make a long story short there is still some confusion (even in Cisco documentation) about the 3 options for the l2protocol command. The exact behaviors are not properly documented anywhere but they should be:
l2protocol peer: PDUs are processed locally
l2protocol tunnel: Overwrites the PDU-destination MAC address with a well-known Cisco proprietary multicast address (01-00-0c-cd-cd-d0)
l2protocol forward: forwards the PDU without any change or local processing (like the 7600 behavior) with multicast address 01-00-0c-cc-cc-cd.
By configuring l2protocol forward cdp you are instructing the switch to tunnel cdp but not specific intructions is given for STP BPDUs (and to be honest with you I don't know what the default behavior should be at this stage).
So, the question I asked before is coming back. What the ME3800x is supposed to do with those BPDUs?
Can you try to configure the correct l2protocol command matching the behavior you wish for BPDUs?
regards,
Riccardo
