Variable length subnet masking (VLSM) is a more efficient way of subnetting a network. When you perform classful subnetting, all the subnets must use the same subnet mask, forcing them to each use the same number of hosts. This can lead to wasted IP space.
Say for example you need three subnets in a /24 network. Say you need 120 hosts in one subnet, and only 8 in the remaining two subnets. Well, with traditional subnetting, all subnets must be the same size. The subnet which needs 120 hosts has to have a subnet mask of 255.255.255.128. No smaller subnet will allow for 120 hosts. This means the other two subnets must also have the same subnet mask, 255.255.255.128, but three such subnets do not fit into a single /24! Also, you only need 8 hosts for the second two subnets, but with a mask of 255.255.255.128 you have 126 usable hosts. that is 118 unused IP addresses. What a waste!
Classless Inter-Domain Routing (CIDR) has replaced the classful network design. Subnets no longer have to all be the same size. Network architects can now create multiple subnets all of which vary in size and subnet mask.
If you were to use CIRD/VLSM, you could easily fit all three subnets into a single /24 network. The subnet which has 120 hosts would still have a subnet mask of 255.255.255.128, but now the remaining two subnets could have a subnet mask of 255.255.255.240. These would each allow 14 usable hosts, and still leave a chunk of the original /24 to be used in the future. A much more efficient use of IP space.
VLSM allows you to use different subnet masks, allowing for a more exact number of hosts to be used in each subnet. To perform VLSM subnetting, starting with the largest number of hosts needed in a single subnet, find the smallest subnet which will have that many hosts. Then do the same for the subnet needing the second largest number of hosts, all the way down to the smallest number of hosts needed.
One common mistake in subnetting is to attempt to create something such as a 172.16.1.0/23 network. A /23 can never have a '1' in the third octet. This is because a /23 uses the first 7 bits of the third octet for the network, and the last bit for hosts. Ignoring the last bit (which is used for hosts) we can only have 172.16.0.0/23 or 172.16.2.0/23, but no /23 in between. This is an error other VLSM calculators seem to make. If in doubt, try converting to binary. Another example of this may be attempting to have a 192.168.1.1/30 network. For the same reason as before, we can only have 192.168.1.0/30, with the next possible network being 192.168.1.4/30.