Wireshark tech support:
"If you span a vlan, every packet will enter the switch and leave the switch on that vlan, hence the switch will mirror it twice. You should use "rx" or "tx" instead of "both" on the definition of the span-port when spanning a vlan.
You can remove the duplicate packets in the tracefile with "editcap -d
"
Not sure if this relates directly to what you're seeing or not, but configuring a session monitor to observe traffic on multiple ports in both directions will cause Wireshark to report out of order and duplicate packets. For instance, I configured a 2950 to monitor a CallManger port and a Unity port for testing. Wireshark reported numerous out of order and duplicate packets. It took a few minutes to figure out but it turns out that the problem was simply the normal behavior of Wireshark when it sees the same traffic from two ports. The packet is 'monitored' on the ingress port, then again on the egress port. I would suggest that you make sure you are monitoring only one port and see if the out of order and duplicate packets persist. "
http://www.groupstudy.com/archives/cisco/200706/msg00600.html
