I entirely agree that a little bit of packet loss to a Google DNS server is normal.  this has become more frequent now that Google itself is an internet provider in many markets with their Fiber product.  This can become an issue though as with some providers like CenturyLink,for a few sites that is a constant 5-8% which has become worse with the loss of  net neutrality.   By default, the dashboard will report packet loss to 8.8.8.8 on the Security Appliance, - Uplink page.  You can add another address to ping instead such as one of your head end servers or even your provider's DNS server which will give a more accurate representation of the quality of the connection.  From Dashboard, Select Security Appliance - Traffic Shaping.  Under Uplink Statistics, you can see it will ping 8.8.8.8 by default, but you can add your own destination as well.  Options here would be your head end server if you are a large organization, your local provider's DNS server (whatsmydns.net), a hop on a trace route that is still on your provider network, or maybe even your public DHCP gateway address (not 192.168.x.x).   Be careful here if you are on a metered connection i.e. 4G as this will double your ping traffic on all of your internet connections on the Security Appliance.  For instance if your backup connection is through a cellular modem or the built in cellular connection on the MX, you will now be pinging 8.8.8.8 in addition to the address you have specified.  The standard ping to 8.8.8.8 is a 64 byte ping plus overhead (header, etc.) once per second and there should be a reply as well.  based on what we have seen this adds up to about 450 MB per month, per ping endpoint. This is in Bytes and there are eight bits per byte, so check with your provider on if you are paying for Megabytes/Gigabytes per month, or Megabits/Gigabits per month.   Would be neat if this could be changed instead of adding an additional ping, but for many this is quite helpful.   ... View more