nzorn
Expert
Expert

ICMP Traffic from View Client to View Connection Server & Desktop

Jump to solution

I noticed that when users connect into View that there is a lot of ICMP Traffic from the View Client host to the View Connection Server & VDI desktop.  I have ICMP blocked for any external users coming in so I see lot of these deny attempts in my logs.  I've checked the VMware documentation and can't find anything talking about needing to allow ICMP.

So I guess I'm wondering why the View client is trying to do this, and what is the purpose?  Am I hurting anything by blocking this ICMP traffic?

0 Kudos
1 Solution

Accepted Solutions
SanjaySP1
VMware Employee
VMware Employee

hi nzorn,

It is expected behavior.

The reason is during an active PCoIP session View does traceroute to their peer end points and record the results in their respective logs. This information is required for PCoIP troubleshooting purposes such as determining the number of hops and ICMP latency.

Regards,

Sanjay

ssp@vmware.com

View solution in original post

0 Kudos
9 Replies
nzorn
Expert
Expert

bump

0 Kudos
jgotway
Contributor
Contributor

Have you noticed any effects from turning off ICMP? Some things that come to mind are related to health in View Administrator. Do all components show up as green? Do any of your reporting tools indicate problems due to the inability to complete a ping request? What I have gathered from reading is that the ICMP requests are related to View calculating bandwidth to provide the best performance on the client. Is that what you gathered as well?

I agree, in general documentation is lacking on this one.

0 Kudos
nzorn
Expert
Expert

Thanks for your reply.  I have not noticed any issues by disabling ICMP, but then again it was never allowed from my external connections.  Everything shows up green, I don't have many View reporting tools, but they are all working.  Good note on maybe they are using it to calculate available bandwidth....

I might open a ticket to get an official answer.

0 Kudos
nzorn
Expert
Expert

VMware Support Request #16932072303 was opened.

0 Kudos
SanjaySP1
VMware Employee
VMware Employee

hi nzorn,

It is expected behavior.

The reason is during an active PCoIP session View does traceroute to their peer end points and record the results in their respective logs. This information is required for PCoIP troubleshooting purposes such as determining the number of hops and ICMP latency.

Regards,

Sanjay

ssp@vmware.com

View solution in original post

0 Kudos
nzorn
Expert
Expert

Thanks for the reply Sanjay!

So I might see some performance improvement by allowing ICMP from external connections?

0 Kudos
SanjaySP1
VMware Employee
VMware Employee

No, performance will remain same in both cases (ICMP allowed or blocked).

nzorn
Expert
Expert

Thanks again for the clarification!

0 Kudos
arjanhs
Enthusiast
Enthusiast

Is there any documentation about allowing ICMP traffic between agent and broker, couldn't find it anywhere. I'm having provisioning issues cause of this. We have placed a firewall between the agent subnets and the connection brokers.

Regards,

Arjan

0 Kudos