topic Path Monitoring - latency in Next-Generation Firewall Discussions https://live.paloaltonetworks.com/t5/next-generation-firewall/path-monitoring-latency/m-p/539062#M1154 <P>I'm not using PAN SD-WAN.</P> <P>&nbsp;</P> <P>I have static route path monitoring configured for multiple ISPs.&nbsp; If pings fail, the path goes down as expected.</P> <P>If the pings succeed, but latency is abnormally high, the path stays up.</P> <P>&nbsp;</P> <P>How can I set a latency threshold?&nbsp; Ideally, I'd have a threshold for each monitored path such as 10ms for the next hop and 200ms for a host that's outside if the ISP's network.</P> <P>&nbsp;</P> <P>This would help automatically fail a route that isn't really working correctly.</P> Mon, 17 Apr 2023 18:51:10 GMT jonathanb 2023-04-17T18:51:10Z Path Monitoring - latency https://live.paloaltonetworks.com/t5/next-generation-firewall/path-monitoring-latency/m-p/539062#M1154 <P>I'm not using PAN SD-WAN.</P> <P>&nbsp;</P> <P>I have static route path monitoring configured for multiple ISPs.&nbsp; If pings fail, the path goes down as expected.</P> <P>If the pings succeed, but latency is abnormally high, the path stays up.</P> <P>&nbsp;</P> <P>How can I set a latency threshold?&nbsp; Ideally, I'd have a threshold for each monitored path such as 10ms for the next hop and 200ms for a host that's outside if the ISP's network.</P> <P>&nbsp;</P> <P>This would help automatically fail a route that isn't really working correctly.</P> Mon, 17 Apr 2023 18:51:10 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/path-monitoring-latency/m-p/539062#M1154 jonathanb 2023-04-17T18:51:10Z Re: Path Monitoring - latency https://live.paloaltonetworks.com/t5/next-generation-firewall/path-monitoring-latency/m-p/539815#M1172 <P>Hi Jonathanb,</P> <P>&nbsp;</P> <P>To my knowledge you cannot configure latency threshold on a) static route monitoring, b) BFD monitoring, c) PBF rule with Monitor profile.</P> <P>All of the 3 above options monitor failures and not quality of the link/path.</P> <P>&nbsp;</P> <P>In your scenario there are other options that might suit your needs. consider these two options below.&nbsp;</P> <P>1) QoS and assign different application different priorities.</P> <P>2) ECMP load balance the traffic between multiple ISP and if required assign weights to each specific ISP link.</P> <P>&nbsp;</P> Sun, 23 Apr 2023 11:16:02 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/path-monitoring-latency/m-p/539815#M1172 Y-alwaysMe 2023-04-23T11:16:02Z