Just had to do a “live” default route cutover and while I was mostly sure it was gonna work its nice to have it definatively proven now. You can add the second default gateway, then remove the first, so there’s never not a default route. I’m not sure which one it kept using while they were both there, or if it per-packet loadbalances or what, but my ssh sessions didn’t even hiccup so at the very least it won’t knock you offline or interupt connections. Of course this is assuming your upstream devices aren’t doing any nat/firewall stuff to complicate things.