Which requirements must an extended ACL include?

An extended access control list (ACL) is a type of network filter used to control traffic based on various criteria, including source and destination IP addresses, protocols, and port numbers. For an extended ACL to function properly, it must include an identification number, which uniquely identifies the ACL, the protocol to filter (such as TCP, UDP, or ICMP), and a wildcard mask to specify which IP addresses the rule applies to.

The inclusion of an identification number is essential for the ACL to be recognized and applied correctly on routers. The protocol specification allows the ACL to filter traffic specific to that protocol, while the wildcard provides the flexibility to match a range of IP addresses. This combination ensures that the ACL accurately controls traffic based on the administrators' specified criteria, offering a higher level of granularity compared to standard ACLs, which focus only on source IP addresses.

In summary, the combination of an identification number, protocol, and wildcard is fundamental to establishing effective extended ACL rules, facilitating precise traffic management in a network environment.