Answer
Attached are reference log and .pcap files. The following example was built using a similar setup.
The following settings are used in this example:
Client Agent: Dagent 6.9.371
Client IP: 10.1.1.101
Client MAC: 00:0C:29:33:50:95
DS IP: 10.1.1.6
DS MAC: 00:0c:29:4b:22:37
Multicast IP: 225.1.2.3
Client communication should go something like the following (note we are mostly concerned about UDP / ARP / IGMP traffic):
Note: Checksum errors are removed
Packets are summarized as follows:
Packet Number | Time (from start of recording) | Source | Destination | Protocol | Info
The client first sends a message to the multicast group looking for the server.
1 0.000000 10.1.1.101 225.1.2.3 UDP Source port: genie Destination port: genie
Packet data:
Request=GetServer
MAC-Address=00FF8884B085
Addl-MAC-Address=00111115B622
Node-Type=Workstation
Note: Dagent has a bug in 6.9 sp1 where this information is static. These values should represent the data on the client.
Then the client subscribes to the IGMP group
2 0.000645 10.1.1.101 224.0.0.22 IGMP V3 Membership Report / Join group 225.1.2.3 for any sources
The server replies to the multicast group
3 0.011585 10.1.1.6 225.1.2.3 UDP Source port: genie Destination port: genie
Packet data:
Reply=GetServer
Server-Name=PBSV-DPLYEUT2
TCP-Address=10.1.1.6
Port=402
MAC-Address=00FF8884B085
Known=No
Client does a membership update
4 0.017226 10.1.1.101 224.0.0.22 IGMP V3 Membership Report / Leave group 225.1.2.3
Client then checks ARP to find who has the IP that replied to the broadcast
5 0.035484 Vmware_33:50:95 Broadcast ARP Who has 10.1.1.6? Tell 10.1.1.101
The server replies to the ARP query
6 0.036603 Vmware_4b:22:37 Vmware_33:50:95 ARP 10.1.1.6 is at 00:0c:29:4b:22:37
The client then begins the SYN, SYN/ACK, ACK handshake. See Connection establishment at http://en.wikipedia.org/wiki/Transmission_Control_Protocol
7 0.037852 10.1.1.101 10.1.1.6 TCP 49174 > genie [SYN] Seq=0 Win=8192
The server sends back a SYN/ACK to the request
8 0.038517 10.1.1.6 10.1.1.101 TCP genie > 49174 [SYN, ACK] Seq=0 Ack=1 Win=64240 Len=0 MSS=1460 WS=0
The client finishes the handshake with an ACK
9 0.044179 10.1.1.101 10.1.1.6 TCP 49174 > genie [ACK] Seq=1 Ack=1 Win=65536 Len=0
Once communication with the server is confirmed the client leaves IGMP
10 0.329383 10.1.1.101 224.0.0.22 IGMP V3 Membership Report / Leave group 225.1.2.3
Client sends up inventory to server
11 2.286284 10.1.1.101 10.1.1.6 TCP 49174 > genie [ACK] Seq=1 Ack=1 Win=65536 Len=2920
Some packet data, for example:
Request=UpdateComputer
Agent-Settings=Included
AllowRemoteControl=0
Asset-Tag-Number=No Asset Tag
Auto-Update-Count=8
Auto-Update-Current0=altiris-dagent-6.9.371.X86.exe
Server says thank you
12 2.287501 10.1.1.6 10.1.1.101 TCP genie > 49174 [ACK] Seq=1 Ack=2921 Win=64240 Len=0
Client continues to send inventory
13 2.292929 10.1.1.101 10.1.1.6 TCP 49174 > genie [PSH, ACK] Seq=2921 Ack=1 Win=65536 Len=617
Server says thanks again
14 2.467505 10.1.1.6 10.1.1.101 TCP genie > 49174 [ACK] Seq=1 Ack=3538 Win=63623 Len=0
Server replies to client with work to do or next task
15 3.329709 10.1.1.6 10.1.1.101 TCP genie > 49174 [PSH, ACK] Seq=1 Ack=3538 Win=63623 Len=188
Packet data:
Reply=UpdateComputer
ID=5000021
Boot=Production
Server-Name=PBSV-DPLYEUT2
Result=Success
Work-To-Do=No
DSVersion=6.9.365
UpdateSettings=No
Request=TimeSync
UTC-Time=2009-04-06T16:16:43Z
Client lets the server know it got the info
16 3.536332 10.1.1.101 10.1.1.6 TCP 49174 > genie [ACK] Seq=3538 Ack=189 Win=65280 Len=0
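The GetServer payloads in packets 1 and 3 can be checked against the settings listed at the top of this article. The following is an added example, not part of the original article or of the Altiris product: it parses the Key=Value fields and reports where a discovery exchange disagrees with the known client MAC and DS IP. The function names, the one-field-per-line layout and the rule that the reply repeats the request's MAC-Address are assumptions.

```python
import re

# Values from the "settings used in this example" list in the article.
CLIENT_MAC = "00:0C:29:33:50:95"
DS_IP = "10.1.1.6"
# Payloads of packets 1 and 3 as printed in the article. One field per line
# is an assumption taken from how the article prints them.
GETSERVER_REQUEST = """Request=GetServer
MAC-Address=00FF8884B085
Addl-MAC-Address=00111115B622
Node-Type=Workstation"""
GETSERVER_REPLY = """Reply=GetServer
Server-Name=PBSV-DPLYEUT2
TCP-Address=10.1.1.6
Port=402
MAC-Address=00FF8884B085
Known=No"""

def parse_payload(text):
    """Return the Key=Value fields of one payload as a dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and key:
            fields[key] = value
    return fields

def norm_mac(mac):
    """Strip separators and upper-case so 00:0c:29... equals 000C29..."""
    return re.sub(r"[^0-9A-Fa-f]", "", mac).upper()

def check_discovery(request_text, reply_text, client_mac=CLIENT_MAC, ds_ip=DS_IP):
    """Compare a GetServer request/reply pair with the known client and DS."""
    req, rep = parse_payload(request_text), parse_payload(reply_text)
    findings = []
    if req.get("Request") != "GetServer" or rep.get("Reply") != "GetServer":
        findings.append("not a GetServer request/reply pair")
    sent = {norm_mac(req.get(k, "")) for k in ("MAC-Address", "Addl-MAC-Address")}
    if norm_mac(client_mac) not in sent:
        findings.append("request MAC fields do not match the client NIC")
    if rep.get("TCP-Address") != ds_ip:
        findings.append("reply TCP-Address is not the expected DS")
    # Assumption: the reply repeats the request's MAC-Address, as in the trace.
    if norm_mac(rep.get("MAC-Address", "")) != norm_mac(req.get("MAC-Address", "")):
        findings.append("reply MAC-Address differs from the request")
    return findings

if __name__ == "__main__":
    print(check_discovery(GETSERVER_REQUEST, GETSERVER_REPLY))
```

With the values from this trace it reports only the MAC mismatch, which is the static-value behaviour noted for packet 1.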