Hmm, I take it back. Neither the TenGig nor the Gig ports seem to be passing DHCP traffic. I did some additional experimenting. If I wire a node directly to a Gig interface port on the Dell N3024 I get PXE boot. 

Additional data point.. I didn't have this problem with the HP switch I used prior. But we wanted a 10G uplink if possible, and we had the Cisco on hand. I guess the question remains though if the Cisco is blocking the traffic, or if the Dell is.

Switch#show run interface TenGigabitEthernet1/0/1
Building configuration...

Current configuration : 41 bytes
!
interface TenGigabitEthernet1/0/1
end

Switch#show interface TenGigabitEthernet1/0/1
TenGigabitEthernet1/0/1 is up, line protocol is up (connected)
Hardware is Ten Gigabit Ethernet, address is 34bd.c8a0.9fb3 (bia 34bd.c8a0.9fb3)
MTU 9000 bytes, BW 10000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not set
Full-duplex, 10Gb/s, link type is auto, media type is SFP-10GBase-CX1
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 139000 bits/sec, 211 packets/sec
5 minute output rate 14985000 bits/sec, 1249 packets/sec
4702107620 packets input, 1600923369535 bytes, 0 no buffer
Received 778386296 broadcasts (777897180 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 777897180 multicast, 0 pause input
0 input packets with dribble condition detected
16154093535 packets output, 21860091136382 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
637018 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
Switch#

hi,

Are you using anything like  dhcp snooping in your environment?

Thanks

John

No

Could be bug in ios. What ios version are you running? Have you tried another ios version.

Thanks

John

Some clarity here, please.  IS pure DHCP apparently working for IP addresses across the board, in all situations, and just PXE boot failing?

The PXE boot process is more sensitive to timing than typical DHCP.  Workstations "connect" to the network and activate the port, and retry for an IP address if they don't get one immediately.  PXE boot will time out and fail in the same situation.  Just for fun, try using a cheap minihub in front of one of the switches, that you then connect a PXE workstation you are building.  If that works, you have to get the negotiation timing reduced on your switchports.

Ways to do that? 

- spanning-tree portfast

- switchport mode access (don't let it negotiate trunking !)

There may be others (I think there are a total of about 5 negotiations that take place every time a switch "sees" a device connect; some like spanning-tree can take 30 seconds.

See my followup for the ultimate solution.

I should add that what is actually failing is PXE boot. Which presumably means that there are 2 or 3 different ports involved in the traffic getting blocked. I'm not seeing DHCP offer/ack in the logs, but it's actually port 4011 initially?