Servers are hosted on a subnet in the cloud that has a primary and backup IP tunnel address, and the network provides a connection to each.
The two routers connect to separate default gateways and have a connection between them for redundancy.
The EOS routers are using OSPF between each other and static routing to the gateways.
Both Tunnel IP Addresses are multiple router hops away from the S-Series. The Primary Switch always uses the primary connection unless the Cloud Tunnel IP is not reachable, but The primary router does not backup the secondary router.
The primary has a static route with a probe pointing at the server subnet and using the cloud interface even though it is not a local next -hop by using recursive routing the router will forward the traffic as long as it has a route to the next-hop address.
The secondary router has a static route pointing at the server farm subnet and using the backup Cloud Tunnil IP address as a next hop. If the primary Tunnil IP stops replying to ping the probe fails, and the route is removed from the route table causing the route redistributed by the secondary router into OSPF to be populated in the route table.
The primary router does not redistribute the static and does not have a static route for the secondary tunnel which is used only when the primary tunnel is not responding to ping.
When there is no failure the Primary router will use the static route to reach the server subnet hosted in the cloud because OSPF has a higher administrative distance than a static route.
Server Subnet 192.168.52.0/24
Primary Tunnel IP Address 192.168.53.1
Secondary Tunnel IP Address 198.51.100.2
Primary default gateway 203.0.113.253
Backup default gateway 198.51.100.2
192.168.17.0 subnet between the routers