We are doing this in production with two peered external DHCP servers and it works fine for us.
Note there are other related flags in the global firewall you may want to investigate -- we run
with "Prevent DHCP exhaustion", "Prohibit IP spoofing" and "Prohibit ARP spoofing" turned on.
Those are all essential ingredients to good first-hop security.
With the latter option enabled, you may also want to consider local-proxy-arp on your client VLAN interfaces, but take care that you understand it if your controller has an IP applied to those VLAN interfaces. This prevents occasional blacklisting events if there is a device that accidentally sends corrupt ARP replies (iPhone) and also reduces the ARP traffic over the air in general, which is a good thing.