cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Help
Lakebase Discussions
Ask questions, share challenges, and connect with others working on Lakebase. From troubleshooting to best practices, this is where conversations happen.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 

Lakebase not accessible in Private Network

skarpeck
New Contributor III

โ€Ž12-03-2025 04:14 AM

We have a VNET Injected workspace in Azure. There are multiple SQL Warehouse which are easily accessible from Private Network - both directly from VM and via VPN on client's machine. 

We deployed Lakebase. Inside the Workspace, connectivity is working fine. However, whenever we try to connect to via DBeaver, JDBC or pSQL - we always get a timeout for a connection. Anyone knows what to do with that?

0 Kudos
3 REPLIES 3

youssefmrini
Databricks Employee
Databricks Employee

โ€Ž12-22-2025 08:33 AM

  • Lakebase Autoscaling supports connectivity through Databricks Front-end PrivateLink. Front-end PrivateLink support for Lakebase Postgres Autoscaling is currently in private preview. Contact your Databricks Account Team to enroll.
0 Kudos

siva-anantha
Contributor

โ€Ž01-02-2026 07:42 AM

@skarpeck: I don't have experience in Lakebase. My first thought on this issue, corporate firewall blocking outgoing connection to the lakebase public endpoint.

Could you please also review if firewall allows Lakebase endpoint host on port 5432?

 

0 Kudos

Lu_Wang_ENB_DBX
Databricks Employee
Databricks Employee

3 weeks ago

Summary Lakebase operates in the Databricks Serverless compute plane, meaning it does not reside inside your injected VNET. Connection timeouts from external tools are typically caused by blocked outbound ports or missing front-end Private Link configurations for the serverless ingress.

Troubleshooting Steps & Context

  • Serverless Architecture: Unlike classic compute (which lives within your injected VNET), Lakebase compute is hosted entirely within the Databricks Serverless compute plane and is logically isolated. VNET injection alone does not route private traffic to serverless endpoints.
  • Port Requirements: External clients like DBeaver, JDBC, and pSQL are fully supported. They connect directly to the PostgreSQL service using the standard PostgreSQL wire protocol. You must ensure that your Network Security Groups (NSGs) and firewalls allow outbound traffic on port 5432 from your VMs and VPN.
  • Private Connectivity Configuration: To securely access Lakebase over a private network rather than the public internet, your workspace must be configured with Front-end Private Link. Lakebase automatically integrates with and inherits your workspace-level Private Link and IP ACL configurations at the ingress security layer. Verify that Front-end Private Link is properly configured and routing correctly for the workspace.

More info on how to configure private link: https://docs.databricks.com/aws/en/security/network/front-end/service-direct-privatelink

0 Kudos
Announcements