Good work! Now you have some valuable information to work with. The first piece of info you have is the MAC address of the device. From the packet you provided, you see "Client MAC address: 00:23:7d:e3:65:54". The left-most 6 digits, 00237d, tell you the vendor is Hewlett Packard. But more importantly, with the MAC address you can search the ARP caches of your switches to find the port it's connected to, and you can find the device.
Secondly, in the packet, Option: (t=60,l=32) Vendor class identifier = "PXEClient:Arch:00000:UNDI:002001", means that the device is trying to "PXE Boot", or boot from the network. Network Boot is build into the NIC BIOS and can be disabled in the PC's BIOS by removing it as one of the startup options. PXE boot uses "bootp" protocol, a subset of DHCP which doesn't include the concept of leasing. IP addresses assigned with bootp don't expire, and that's why eventually it consumes all the IPs in the scope. You didn't provide any other DHCPREQUEST packets, but you could check them for other MAC addresses. It could be just 1 PC that is cycling through the network boot process, failing each time, but consuming another IP each time.
Best course of action now is to find the device by searching the switches for its MAC address, and adjust its BIOS settings to prevent it from PXE booting.
