I'm working on a backup solution that uses a vpn tunnel as a backup connection for my site (Philadelphia) and other WAN sites should another location (New York) lose its connection to the WAN. The WAN uses BGP, I have a private AS that peers up with ATT's AS, and the same things happens for remote locations. They all peer up with an eBGP neighbor. My backup uses a floating static route that leads to a vpn tunnel that connects to the remote site. In BGP, I'm using as-path prepending to notifiy other WAN sites of an alternative route to networks located in New York. So, I need to have a route, and reachability to New York's networks before I can advertise them via BGP. I put a floating static route into my WAN router that points toward the tunnel for those networks. I simulate an outage on the WAN link for New York, and remote sites start seeing the longer AS alternative path via my WAN router and it works fine. The problem is in the failback to the primary when I bring back New York's WAN connection. My WAN router sees a better path via the tunnel now, I think it's the route origin step. This better path is not only reflected in the show ip bgp output, but also in the sh ip route output. Why does my router see a floating static route with an admin distance of 200 as being better than an eBGP learned route with an admin distance of 20? Any ideas on how I can automatically lose that floating static route when New York's primary WAN connection comes back online?