I was capturing some HTTP traffics and I observed a packet with the FIN flag set and also containing payload data.
I searched for this topic and I found some similar questions but none of them talking about the next sequence number and RFC references for this situation.
My question is that what should be the next sequence number after packet with the FIN flag set containing payload?
In other words, what should be the ACK number of the packet which is the response of the active opener's FIN packet? What acknowledgment number should the response packet have, while the sender of FIN packet, has a payload, too?
--> <SEQ=100><ACK=300><CTL=FIN,ACK> : payload length = 20 bytes
<-- <SEQ=300><ACK=X><CTL=FIN,ACK>
--> <SEQ=X><ACK=301><CTL=ACK>
Is X
101
, 120
, or 121
?
Do RFC clearly talks about this scenario?
I also searched for that in RFC 793 but I didn't find a clear explanation for my question.