Cisco Spanning Tree – Blocking L2 Loops Without STP

Rule #1: in a mixed vendor environment, one avoids use of vendor proprietary protocols

There are (apparently) several complications attempting to use VSTP (a Juniper protocol) with PVST (RPVST actually, a Cisco protocol) -- while they both run a per-vlan RSTP instance, they don't do it exactly the same (something about tagged/untagged native vlans, etc.)

Your best bet would be to use an open, documented standard with rules everybody obeys. That would be MST (802.1s, now part of 802.1q.) Of course, MST is a great deal more complicated to setup. (been there... complex hundreds of vlans across 4 vendors)

All this assumes the carriers aren't screwing with the traffic. If I'm following your description, the metro-e links are between juniper switches and the cisco's hang off the juniper's at each site. If that's true, there's only one path from a cisco to the other side, so mac flaps shouldn't be possible -- unless there's a pair of junipers at each end round-robin'ing traffic between sites. (or there are etherchannels that aren't setup/running correctly)

You should turn loop guard on those ports... if rstp blocks a port and looses bpdus, it will unblock and form an unmanaged loop unless stp loopguard is on the port. If an rstp port looses bpdus on a loopguard port, the port will disable in a loop inconsistent state until it starts receiving bpdus again.