The switch ip or the loopback needs to be routable to whatever network the access point is on. If the LMS-IP is different from the loopback, the client will be redirected to and communicate with the loopback, after first contacting the LMS-IP address. The access points can be in the VLAN3 network, but will communicate with the loopback address, so the loopback address should be routable to VLAN3.
If the access get an ip address in VLAN3 and discovers the controller in VLAN3 using multicast, it will be redirected to and communicate with the loopback after discovery.
The controller will ultimately give out the switch-ip or loopback upon discovery.