Are you testing this iRule on a port 0 (any) VIP? Do you have port translation enabled on the VIP? If you remove the iRule and add the PORT-22 pool to the VIP, can you make a request on port 22 to the VIP? If not, check the routing between LTM and the pool members. If the default gateway of the servers isn't the LTM, you'll need to enable SNAT.
Once you have the port 22 pool working on the VIP, you can retest the iRule with a minor change and some debug logging:
when CLIENT_ACCEPTED {
    log local0. "[IP::client_addr]:[TCP::client_port]: New connection to [IP::local_addr]:[TCP::local_port]"
    # Check the destination port
    switch [TCP::local_port] {
        "22" {
            # Request was to port 22
            pool "PORT-22"
            log local0. "[IP::client_addr]:[TCP::client_port]: Using PORT-22 pool"
        }
        "23" {
            # Request was to port 23
            pool "PORT-23"
            log local0. "[IP::client_addr]:[TCP::client_port]: Using PORT-23 pool"
        }
        default {
            reject
            log local0. "[IP::client_addr]:[TCP::client_port]: Request to undefined port. Resetting connection."
        }
    }
}
Aaron