We have multiple VPN tunnels to each remote location, using multiple ISPs for redundancy, and have OSPF watching the tunnels for best path selection.
To test our backup link, we needed to manually bring down the preferred (primary) tunnel to force traffic onto the other (backup) tunnel. As a quick-and-dirty solution I changed the endpoint IP of the primary tunnel to a known non-working IP which caused the tunnel to fail (and traffic shifted to backup tunnel) but there has to be a more elegant solution.
What is the recommended way to administratively shut down a tunnel ( st0.x ) interface without having to butcher the config?