I have a network with 2 data centers and 100 VPN-connected remote sites. All of the remote sites build a VPN tunnel to the primary data center (Site A), though if that site is unavailable, they will build the tunnel to the alternate data center (Site B). Between the two data centers is a point-to-point connection.
Currently, we have EIGRP running between the two data centers (and their associated VPN routers). This re-routes traffic properly if the VPN router at Site A goes down, but only if the router is dead. If the Internet link to that site goes down, the remote sites properly rebuild tunnels to Site B, but EIGRP still advertises the routes from Site A's router.
Our current process is that if we lose Site A's Internet connectivity, we quickly add a static route at one site to allow traffic to flow properly. Ideally, EIGRP would handle the failover VPN routing without intervention.
I have attached a picture to describe the connectivity.