Domain authentication fails with dns-rfc2136 plugin

Let's Encrypt queries from multiple vantage points and each validation server chooses at least one nameserver randomly.

So yes, there's a high chance that DNS queries hit more than a single nameserver. One should also note that, when viewed from the outside, all nameservers are equal and there's no distinction between "primary" or "secondary" nameservers (even though it may be managed internally in this way).

You can delegate the _acme-challenge TXT record to a different zone using CNAMEs. This other zone can have a completely different DNS setup (for example that zone could have only a single nameserver) that will only be used for acme-challenge validation.

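The two points above (any nameserver may be asked, and a CNAME moves the validation record into a zone you control separately) as an added example that is not part of the original post: a small stand-in resolver over constructed zone data. The zone names, nameserver names and the token value are all made up; `query` models a validator picking one nameserver of the enclosing zone and following a CNAME into whatever zone it lands in, `stale_nameservers` is the pre-renewal check of asking every nameserver directly, and `validation_passes` models several vantage points each choosing a server independently.

```python
"""Stand-in for how a validator resolves _acme-challenge, with and without CNAME delegation.

Added example; all zone data below is constructed, not real DNS.
"""
from typing import Callable, Dict, List, Set, Tuple

Records = Dict[str, List[Tuple[str, str]]]  # owner name -> [(rtype, rdata)]
Zones = Dict[str, Dict[str, Records]]       # zone apex -> nameserver -> that server's copy of the zone
Picker = Callable[[List[str]], str]         # chooses one nameserver from a sorted list
MAX_CNAME_HOPS = 8                          # loop guard, as real resolvers have


def zone_for(name: str, zones: Zones) -> str:
    """Return the configured zone with the longest matching suffix (closest enclosing zone)."""
    best = ""
    for apex in zones:
        if (name == apex or name.endswith("." + apex)) and len(apex) > len(best):
            best = apex
    if not best:
        raise LookupError(f"no configured zone serves {name}")
    return best


def query(name: str, rtype: str, zones: Zones, pick: Picker, hops: int = 0) -> Set[str]:
    """Ask one nameserver (chosen by `pick`) of the enclosing zone; follow a CNAME if present.

    The CNAME target may live in a different zone with its own nameserver set, which is
    exactly what delegation relies on.
    """
    if hops > MAX_CNAME_HOPS:
        raise RuntimeError("CNAME chain too long")
    apex = zone_for(name, zones)
    server = pick(sorted(zones[apex]))
    rrset = zones[apex][server].get(name, [])
    targets = [rdata for rt, rdata in rrset if rt == "CNAME"]
    if targets:
        return query(targets[0], rtype, zones, pick, hops + 1)
    return {rdata for rt, rdata in rrset if rt == rtype}


def validation_passes(name: str, token: str, zones: Zones, vantage_points: List[Picker]) -> bool:
    """Every vantage point picks its own nameserver; all of them must see the token."""
    return all(token in query(name, "TXT", zones, pick) for pick in vantage_points)


def stale_nameservers(name: str, token: str, zones: Zones) -> List[str]:
    """Ask each nameserver of the enclosing zone directly and list those not serving the token."""
    apex = zone_for(name, zones)
    stale = []
    for server in sorted(zones[apex]):
        def prefer(choices: List[str], s: str = server) -> str:
            return s if s in choices else choices[0]  # after a CNAME hop, fall back to the first server
        if token not in query(name, "TXT", zones, prefer):
            stale.append(server)
    return stale


def first(choices: List[str]) -> str:
    return choices[0]


def last(choices: List[str]) -> str:
    return choices[-1]


TOKEN = "constructed-validation-token"           # stands in for the real challenge value
CHALLENGE = "_acme-challenge.example.com"
TARGET = "example-com.acme.example.net"          # constructed name inside the delegated zone

# Without delegation: two nameservers, and ns2 has not yet received the new TXT record.
BEFORE: Zones = {
    "example.com": {
        "ns1.example.com": {CHALLENGE: [("TXT", TOKEN)]},
        "ns2.example.com": {CHALLENGE: [("TXT", "old-token")]},
    },
}

# With delegation: both nameservers carry the long-lived CNAME
# (zone-file form:  _acme-challenge.example.com. IN CNAME example-com.acme.example.net.)
# and the token lives in a separate zone served by a single nameserver.
AFTER: Zones = {
    "example.com": {
        "ns1.example.com": {CHALLENGE: [("CNAME", TARGET)]},
        "ns2.example.com": {CHALLENGE: [("CNAME", TARGET)]},
    },
    "acme.example.net": {
        "ns1.acme.example.net": {TARGET: [("TXT", TOKEN)]},
    },
}

if __name__ == "__main__":
    print("stale before delegation:", stale_nameservers(CHALLENGE, TOKEN, BEFORE))
    print("passes before (two vantage points, different servers):",
          validation_passes(CHALLENGE, TOKEN, BEFORE, [first, last]))
    print("stale after delegation:", stale_nameservers(CHALLENGE, TOKEN, AFTER))
    print("passes after (any server choice):",
          validation_passes(CHALLENGE, TOKEN, AFTER, [first, last, last]))
```

The `BEFORE` scenario passes only if every vantage point happens to pick `ns1`, which is why a lagging secondary shows up as an intermittent failure rather than a consistent one. After delegation the parent zone only has to serve a static CNAME, so the ACME client (with dns-rfc2136, the server and key in its credentials file) updates the single nameserver of the delegated zone and there is nothing left to fall out of sync.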