ICMP packets are being send from the machine at the start of the PCoIP session

Problem

At the start of a PCoIP session a network trace or firewall logs are recording ICMP packet being sent from the machine. Further investigation shows they are from the PCoIP Server process. PCoIP server logs show a trace route log of up to 30 hops.

03/12/2014, 07:56:49.143> LVL:2 RC:   0       SOCK_UTIL :trace_route: ---->  trace complete.  2 hops detected  
03/12/2014, 07:56:49.143> LVL:2 RC:   0       SOCK_UTIL :hop [ 1] -- rtt [1]:     1 ms,  [2]:     2 ms,  [3]:     1 ms -- ip: 10.0.0.1 -- name:   10.0.0.1
03/12/2014, 07:56:49.143> LVL:2 RC:   0       SOCK_UTIL :hop [ 2] -- rtt [1]:     2 ms,  [2]:     1 ms,  [3]:     1 ms -- ip: 192.168.-0.1 -- name: 192.168.0.1

Cause

The PCoIP Server process in HP Anyware Software performs a trace route using ICMP packets for diagnostic purposes. At the start of each PCoIP session the trace route is performed to the IP address of the client and the information from the trace route is logged in the PCoIP server log files to assist with network diagnostics.

The software will perform the trace route only when logging verbosity has been set to level 3.

Resolution

Change the logging verbosity to below level 3. Level 2 is the default logging level. If there is a requirement for level 3 logging and stopping the ICMP traffic, a custom Windows Firewall rule can be made to block ICMP Request packets from C:\Program Files (x86)\Teradici\PCoIP Agent\bin\PCoIP_Server_Win32.exe.