Have an intranet site I'm looking to lockdown to ensure it's only accessible from within our network. This app uses Traffic Manager for geographical failover and uses a failover groups for azure sql db, as well as using app service that queries the web app using Front Door, and have a storage account of course. For one what is the relationship between the sql failover group and Traffic Manager? Since Failover Groups can already have geo redundancy? My experience with using them was having them all effectively in one region across servers but apparently they can also all be 1 server now. I'm guessing you can basically treat a failover group like any other resource in respect to TM, so we have a fail over group on the primary and secondary region?
Also what is the most cost beneficial way for failover? What is the cost comparison of a failover from primary region failover to the secondary vs just sending traffic cross region to the Azure DB to the Secondary. So for instance if the sql db goes down in region 1 are the extra costs in sending the traffic cross regions to the other db failover group cross region worth it or is it better to failover to the secondary region entirely so the traffic doesn't have to go cross region?