Hi,
You can install both roles on the same server.
You can split later the server roles
The server roles are aware of other servers.
you don't need FE server in DMZ
ADFS should be used for external access though you can also used internally hence DMZ makes more sense for external access.
The FE contacts the DB directly the same for BE
Hope this helps.