Thanks Mark for the details, as such the client is connecting his device directly on to the device R2 on which one of the port is configured with the same vlan.

     By any chance can you let me know any debug commands which can help me troubleshoot the issue and get this sorted out. As per my understanding the DHCP debug should not cause the process utilization of the switch to shoot up and bring down the device.

Hey on the device that's hes connected to run debug ip dhcp server packets and debug ip dhcp detail , see if hes requesting an ip address and see if one is getting through but not being picked up by the end device

You can ping the helper address from the vlan interface yes ?

Can you post your config just the hsrp interfaces and the user interface.

Aswell you can see if the issue is specific to one router as its active/standby failover between the routers in hsrp using the priority command and see if the problem exists when passing through each router or if its just on thats causing it

also an issue I fixed with hsrp dhcp recently someone added broadcast statement under vlan interface which had an effect on the helper as its unicast and caused the flag to be set wrong going outbound so client could never receive the ip address even though it was being sent to him

This is a good doc which shows you the correct order of messages and what they mean in debug

http://www.cisco.com/c/en/us/support/docs/ip/dynamic-address-allocation-resolution/27470-100.html

Thanks Mark let me do the debug and check on the outputs. To answer the other question

You can ping the helper address from the vlan interface yes ?  Yes

Also the design which I depicted above is not the actual design.  The DHCP server is out on the WAN on another location.  The distribution is connected to the routers and the routers are taking the request forward.  The end user machine is actually connected to the distribution switch.  But any how the ip helper address is on the vlan on the distribution switches. So, the design would more or less be similar.

Yeap I had gone through this link which you had provided earlier as well and that is a good one.

W.r.t to the HSRP configs below are those,

R2 Configs on which the end user machine is connected and the standby one

interface Vlanxx
 ip address xxx
 ip helper-address 10.x.x.x
 ip helper-address 10.x.x.x
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 standby 2 ip x.x.x.1
 standby 2 timers msec 500 msec 1500
 standby 2 preempt

R1 configs

interface Vlanxx
 ip address x.x.x.x
 ip helper-address 10.x.x.x
 ip helper-address 10.x.x.x
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 standby 2 ip x.x.x.1
 standby 2 timers msec 500 msec 1500
 standby 2 priority 105
 standby 2 preempt

User Interface
interface FastEthernet0/x
 power inline never
 switchport access vlan xx
 switchport mode access
 switchport nonegotiate
 switchport port-security maximum 3
 switchport port-security
 switchport port-security aging time 15
 switchport port-security violation restrict
 switchport port-security aging type inactivity
 storm-control broadcast level 25.00
 no cdp enable
 spanning-tree portfast
 spanning-tree bpduguard enable

Yes once you can reach the helper ip you should be able to retrieve an ip address from the server no matter if its access switch or dist switch , config looks ok too , let me know if the debugs show anything useful

Hi Mark,

    I was able to run the debugs and was able to find the below outputs as such, apart from it I did not see any return packets as such..

Dec 18 07:58:11.179 GMT: DHCPD: setting giaddr to 1x.xx.xx.xx4.

Dec 18 07:58:11.179 GMT: DHCPD: BOOTREQUEST from 1bb7.9ce0.feb6 forwarded to xx.xx.xxx.6.

Dec 18 07:58:11.179 GMT: DHCPD: BOOTREQUEST from 1bb7.9ce0.feb6 forwarded to xx.xx.xxx.4.

Dec 18 07:58:12.638 GMT: DHCPD: setting giaddr to 1x.xx.xx.xx4.

Dec 18 07:58:12.638 GMT: DHCPD: BOOTREQUEST from 1bb7.9ce0.feb6 forwarded to xx.xx.xxx.6.

Dec 18 07:58:12.638 GMT: DHCPD: BOOTREQUEST from 1bb7.9ce0.feb6 forwarded to xx.xx.xxx.4.

Dec 18 07:59:06.662 GMT: DHCPD: checking for expired leases.

Is the dhcp server definitely setup to serve back both BOOTP and DHCP for that scope , it looks like your getting no reply , after the request you should get something like DHCPD: forwarding BOOTREPLY to client 

    Mark as per the details given to me, this was earlier working with the same scope, and there were no changes done on to the scope part as such.  But again better to have them confirmed by the team.

    Also there are 2 more routers above these distribution switches and when I ran the debug ip udp packets or debug ip dhcp server packets/events I was not able to see any details on the routers nor any log information captured on routers.  I do suspect if the router is not sending those details out to the DHCP servers, or once the packet is uni-casted from the distribution to the DHCP servers the router has no role to play here?