We disabled the dhcp-snooping and identity management on all ports. We need to leave broadcast forwarding enabled on the Desktops VLAN as it is used for Wake On LAN and had been configured with no issue.
I worked through this link https://gtacknowledge.extremenetworks.com/articles/How_To/Troubleshooting-DHCP-issues, and my results have me at even more of a loss based on my testing on one system.
These are the steps that I can take to replicate the issue:
1) PC is connected directly to the network and working fine
2) Delete the IP lease from DHCP
3) Run ipconfig /release on the PC
4) Shut down the PC and then power it back on
5) After entering username and password, the PC says "network or timeout error" and Wireshark on the DHCP server looks like this. (172.22.34.1 = IP of VR on core switch, 172.22.32.27 = IP of DHCP server, 172.22.34.2 = IP of VR on desktop switch)
6) Steps 4-5 were followed multiple times and the same result happened.
7) Install a small network switch inline between the Summit and the same PC used for testing.
😎 Turn on the PC, network login works, and Wireshark on the DHCP server shows this. (172.22.34.1 = IP of VR on core switch, 172.22.32.27 = IP of DHCP server, 172.22.34.2 = IP of VR on desktop switch)
9) Steps 2-4 were followed multiple times and the same result happened (could log into the PC after deleting the lease as long as the mini switch was still in place).
The DHCP troubleshooting article talks about issues with the client or the scope, but that clearly isn't the case here as the same PC either works or doesn't work with the addition of a dumb switch inline.