[Samba] Optimizing Samba servers roles in multi server network

[Prunk Dump]

Hi Samba Team !

I have only three servers to administer my 280 Windows and my 170
Linux clients. As this is the a high school network, the stations are
used by a wide number of persons and this generate a high network
traffic. So I need to share the load between my servers to optimize
their performance.

Currently I have decided to split all the services :
-> My three servers are AD DC
-> Each of them run a KDC
-> Each of them export Sysvol
-> Each of them run a Bind9 nameserver
-> I separated my user's homes on the three DCs with DFS
-> I separated my user's profiles on the three DCs taking care not
putting home and profile on the same DC
-> + many other services ( like puppet, apt-cacher ...)

So I divided all the roles by three.

But someone here recall to me that I should not export Samba shares on
DC other than Sysvol. On Samba wiki, I can read that there is some
limitation about using a DC as file server as the auto-enabled
acl_xattr force me to use Windows access control lists.

However, there is a compatibility layer enabled by :

acl_xattr:ignore system acls = no

So even if I export my file system by NFS, I never found limitations
about using acl_xattr. The ACL compatibility layer is very good.

My question is, there is another reason not using AD DC as file server
? Is there performance issue ?

Do you think that is better to have just one AD DC (so just one KDC)
and two member server exporting the home and profile shares ?

Thanks !