The short answer is no packets are guaranteed to arrive. Any number of conditions can cause packets to be dropped or lost in transit. TCP includes retry rules to ensure the data arrives.
Your scenario is a half-closed connection. One side closes the connection, and can only read data until the other side closes the connection.
FIN ------>
<------ ACK
The side sending the FIN packet will cycle through the FIN_WAIT1, FIN_WAIT2, and TIME_WAIT states as the connection closes. The side which receives the FIN packet will enter CLOSE_WAIT. When the it closes the connection, it will retry the FIN packets according to its retry rules until it receives an ACK or times out. Until the second FIN is sent, the connection is in a half-closed state.
<------ FIN
ACK ------>
Connections can be closed with 3 packets. These are common in the protocol dumps I see. In some cases, the response to the first FIN will be an RST (reset), and the final ACK will be replaces with an RST.
FIN ------>
<------ FIN,ACK
ACK ------>
In some cases, an RST (reset) is sent in place of the ACK, and the final ACK is replaced with an RST.
FIN ------>
<------ RST
RST ------>
Due to network delay it is possible for both ends to close an active connection. In this case the ACK, packets may be delivered in either order.
<------ FIN
FIN ------>
<------ ACK
ACK ------>
which side is the client in your diagram, left or right? – Frank Thomas – 2015-06-02T21:04:43.220
2@Frank Thomas Does it matter? once a connection has been established, the terms client and server stops being relevant. – user454606 – 2015-06-02T21:08:23.357
@FrankThomas: Do you think it matters? The left side is the first process to close the socket. – Scott – 2015-06-02T21:09:21.533
yes. half closed connections are a denial of service vector when the close is attempted server-side and the client does not respond, but are negligible when the client attempts to close and does not get a FIN to acknowledge that the server has closed its end.In this attack, the client(s) establish connections, and leave them open. when the server tries to close them, the client does not respond, keeping the connection open longer. on a high demand server, this can fill up state tables within the servers IP stack. essentially the same as syn flood attacks. – Frank Thomas – 2015-06-02T21:10:12.130