It's not about how many bits are 1 - it's about how many bits are important. And the first bits are always most important. So it's the first x bits.

If you have a /48 then 48 bits are used to determine the address is yours. Any address which matches in the first 48 bits is yours. If you have a /64, any address which matches in the first 64 bits is yours.

It's about how many bits are 1, in the subnet mask.

The number of bits that are important is the number of 1 bits in the which bits are important mask, yes. I thought you couldn't remember how that mask worked.

/48 is netmask of ffff:ffff:ffff:0:0:0:0:0. `sipcalc` can help with this.

  $ sipcalc ::/48
  -[ipv6 : ::/48] - 0
  
  [IPV6 INFO]
  Expanded Address - 0000:0000:0000:0000:0000:0000:0000:0000
  Compressed address - ::
  Subnet prefix (masked) - 0:0:0:0:0:0:0:0/48
  Address ID (masked) - 0:0:0:0:0:0:0:0/48
  Prefix address  - ffff:ffff:ffff:0:0:0:0:0
  Prefix length  - 48
  Address type  - Reserved
  Comment   - Unspecified
  Network range  - 0000:0000:0000:0000:0000:0000:0000:0000 -
       0000:0000:0000:ffff:ffff:ffff:ffff:ffff

I remember how this works because of the IPv4 examples that I have baked into my head, e.g. 10.0.0.0/8 or 192.168.1.0/24. Clearly the first 24 bits must be 1 for that last one to make any sense.

I recently found a case where an "inverted" netmask makes sense - when you want to allow access through a firewall to a given IPv6 host (with auto-config address) regardless of the network that your provider has assigned.

> I can never remember whether /x means "the last x bits are 0" or "the first x bits are 1"

> People should write 80/48 or 48/80 to be clear

The clarity is found implied in your preferred example.

- "80/" would mean "80 bits before"

- "/48" would mean "48 bits after"

... and this is the opposite of the other 2 responses

/x is almost always the number of network bits (so the first half). There are some Cisco ISO commands that are the opposite but those are by far the minority.

99/100 it means the first bits.